bq-mon-01.bioquant.uni-heidelberg.de

- Ruprecht-Karls-Universitaet Heidelberg -

Issued by DFN-Verein Global Issuing CA

About this certificate

This digital certificate with serial number 27:64:d6:89:36:03:73:d6:59:de:6a:5d was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Ruprecht-Karls-Universitaet Heidelberg

Organization: Ruprecht-Karls-Universitaet Heidelberg
State / Province: Baden-Wuerttemberg
Locality: Heidelberg
Country: DE

Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.

Organization: Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Country: DE

This certificate has expire since

Certificate Details

Serial Number (hex): 27:64:d6:89:36:03:73:d6:59:de:6a:5d
Serial Number (int): 12191821082517274667467565661
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: fa:96:0d:9f:6c:44:c3:41:13:ff:76:ec:a7:57:03:01:68:2d:58:3c
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74

Fingerprint (sha1): 4c:2b:c7:55:13:74:96:a3:79:ae:a2:e7:a4:13:76:ad:61:76:0c:b3
Fingerprint (sha256): 01:62:6d:14:53:57:94:95:5b:0a:3b:05:31:ba:f6:e4:d1:dd:8b:9f:a1:ec:df:cd:5e:76:fe:fe:a7:25:b5:c5

Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt

Revocation information

OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl

Check the revocation status for certificate bq-mon-01.bioquant.uni-heidelberg.de

3

DNS Names

0

Email Addresses

2

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bq-mon-01.bioquant.uni-heidelberg.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bq-mon-01.bioquant.uni-heidelberg.de
bq-fog-ng.bioquant.uni-heidelberg.de
bq-fog-ng76.hmls.uni-heidelberg.de
129.206.76.101
129.206.69.128

Other certificates including the domain name uni-heidelberg.de

(limited to 100 certificates)
hch19.cl.uni-heidelberg.de
www.mathematik.uni-heidelberg.de
klassphil.stura.uni-heidelberg.de
heimap-app.uni-heidelberg.de
heidocs1.zuv.uni-heidelberg.de
haw-pallas.adw.uni-heidelberg.de
flagship.kip.uni-heidelberg.de
cloud.kip.uni-heidelberg.de
ra.ziti.uni-heidelberg.de
neu.stura.uni-heidelberg.de
imap.iup.uni-heidelberg.de
calc.mathphys.stura.uni-heidelberg.de
vcg.iwr.uni-heidelberg.de
crispr.cos.uni-heidelberg.de
datashield.bioquant.uni-heidelberg.de
zinser-pc.physi.uni-heidelberg.de
weyauu.physi.uni-heidelberg.de
hcicloud.iwr.uni-heidelberg.de
cft2011.mathi.uni-heidelberg.de
public.urz.uni-heidelberg.de
virtualmin.urz.uni-heidelberg.de
karriere.klinikum.uni-heidelberg.de
www.soz.uni-heidelberg.de
www2.uniarchiv.uni-heidelberg.de
bud.iwr.uni-heidelberg.de
www.kip.uni-heidelberg.de
osm-vis.geog.uni-heidelberg.de
svn.ifi.uni-heidelberg.de
namse.med.uni-heidelberg.de
tc-hissva-prod1.zuv.uni-heidelberg.de
gisservices.geog.uni-heidelberg.de
mobility.zuv.uni-heidelberg.de
jupyter18.kip.uni-heidelberg.de
heiboxone.urz.uni-heidelberg.de
bq-mon-01.bioquant.uni-heidelberg.de
indico.physi.uni-heidelberg.de
mtk-online.urz.uni-heidelberg.de
neueslehramt.stura.uni-heidelberg.de
brassibase-dev.cos.uni-heidelberg.de
rewi-alumni.stura.uni-heidelberg.de
thbw-www.adw.uni-heidelberg.de
physikadmin.kip.uni-heidelberg.de
mp-force.ziti.uni-heidelberg.de
fsjapo.stura.uni-heidelberg.de
parcomp-git.iwr.uni-heidelberg.de
klimaschutzkarte.de
serv5.ub.uni-heidelberg.de
fachschaft.cl.uni-heidelberg.de
abhilekha.adw.uni-heidelberg.de
moodle.umm.uni-heidelberg.de
Sharepoint.urz.uni-heidelberg.de
kibana-dev.realm.bwinfosec.uni-heidelberg.de
brassibase-dev.cos.uni-heidelberg.de
exchange.uni-heidelberg.de
drw-www.adw.uni-heidelberg.de
cumulus.cos.uni-heidelberg.de
git.kip.uni-heidelberg.de
medusys.medma.uni-heidelberg.de
emp.kip.uni-heidelberg.de
relay2.uni-heidelberg.de
wrangler.mathi.uni-heidelberg.de
sturawahl.stura.uni-heidelberg.de
gistools.geog.uni-heidelberg.de
banane.mathi.uni-heidelberg.de
webapp-test.zuv.uni-heidelberg.de
mail.stw.uni-heidelberg.de
owncloud.itp.uni-heidelberg.de
ki.stura.uni-heidelberg.de
hisapp.uni-heidelberg.de
pille.iwr.uni-heidelberg.de
znfshop.zbt.uni-heidelberg.de
dschungelbuch.stura.uni-heidelberg.de
ui-test.heicloud.uni-heidelberg.de
aid.krz.uni-heidelberg.de
fszahnmedizin.stura.uni-heidelberg.de
dag.adw.uni-heidelberg.de
gitlab.gistools.geog.uni-heidelberg.de
survey.csi.uni-heidelberg.de
mtk-online.urz.uni-heidelberg.de
mats.stura.uni-heidelberg.de
hci-iweb.iwr.uni-heidelberg.de
ora3.zuv.uni-heidelberg.de
sso-02-dmed.urz.uni-heidelberg.de
beowulf.bioquant.uni-heidelberg.de
web.imbi.uni-heidelberg.de
aci.uni-heidelberg.de
jesajanet-pepa-test.med.uni-heidelberg.de
pix.umm.uni-heidelberg.de
wvz1.stura.uni-heidelberg.de
books.ub.uni-heidelberg.de
ext01.dmed.uni-heidelberg.de
serv5.ub.uni-heidelberg.de
cegit.ziti.uni-heidelberg.de
fsiued.stura.uni-heidelberg.de
dsf-dbmi.umm.uni-heidelberg.de
fs-sino.stura.uni-heidelberg.de
lists.cl.uni-heidelberg.de
bud.iwr.uni-heidelberg.de
dms.urz.uni-heidelberg.de
ipa.iwr.uni-heidelberg.de

Certificate

The complete raw certificate details for bq-mon-01.bioquant.uni-heidelberg.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHjjCCBnagAwIBAgIMJ2TWiTYDc9ZZ3mpdMA0GCSqGSIb3DQEBCwUAMIGNMQsw
CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t
UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIy
MTAxMTExNTIyOFoXDTIzMTExMTExNTIyOFowgZ8xCzAJBgNVBAYTAkRFMRswGQYD
VQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxEzARBgNVBAcMCkhlaWRlbGJlcmcxLzAt
BgNVBAoMJlJ1cHJlY2h0LUthcmxzLVVuaXZlcnNpdGFldCBIZWlkZWxiZXJnMS0w
KwYDVQQDDCRicS1tb24tMDEuYmlvcXVhbnQudW5pLWhlaWRlbGJlcmcuZGUwggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCrYM/RPZV9JLGjjVnvuTdkiKRV
FHqGYiehlDxPpzW15xsVE6RbGPTON32K7eYKV5R7JdH4QoVgMVNS9aNRRDV7OGPn
KAGMxuRwvbtrvpf3RVxOTN/7i0a8cvNpuxVO1n51Gc8CmrrGnJuezn7eSzB4+6Hq
1vtmfZzCDvlltSCDBzaDqhA5UbVAEWqa1pUDq3EZ/6BJLA7/2/z/61FXjMEruINX
2Vjwvh6yU0UgNcgyQwCGt0obRLggAfFBHNebfG+Ag6QflE4MNZwjEyAmdHY7f+WP
ZR+sw2NVoaCL53KNGhcQTxh/O1rY/hBZFSzPDI8REPkRK4yG7fUjxiVxnzZs7GSB
3jCizcCDbx5pF0g4WD53ny9x293Ph0c+UL8bxQH1b0yx/4iKQ3HDjCHddICvm0/8
3Qvj2oc6u6dpxknSD/cwDVz+pTliBN1fwwJpQtlS3hOEb+IJfFtfDI1nHxczPlHy
o2BLU0ymLM60WjGEoWzO/l1jRxt6PccryXrNYijNyo3m4awGkwMJawX84jGKb8VZ
XVV3lbO2y9Y6+MhIi5DQ7EFl2DtA0QmQR6I910Tbgc2xUCLxoTJLr7iO1zZbJ9qW
Pr6zrcBhaPs1pczGxcWTL8qmzN2cc2mHb4by4hu/CLpqCUQMDuWz98e0nHBcg2C/
39ReBt0LANnuE9JdGwIDAQABo4IC2DCCAtQwVwYDVR0gBFAwTjAIBgZngQwBAgIw
DQYLKwYBBAGBrSGCLB4wDwYNKwYBBAGBrSGCLAEBBDAQBg4rBgEEAYGtIYIsAQEE
CjAQBg4rBgEEAYGtIYIsAgEECjAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAT
BgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQU+pYNn2xEw0ET/3bsp1cDAWgt
WDwwHwYDVR0jBBgwFoAUazqYi/nyU4na4K2yMh4JH+iqO3QwgYUGA1UdEQR+MHyC
JGJxLW1vbi0wMS5iaW9xdWFudC51bmktaGVpZGVsYmVyZy5kZYIkYnEtZm9nLW5n
LmJpb3F1YW50LnVuaS1oZWlkZWxiZXJnLmRlgiJicS1mb2ctbmc3Ni5obWxzLnVu
aS1oZWlkZWxiZXJnLmRlhwSBzkxlhwSBzkWAMIGNBgNVHR8EgYUwgYIwP6A9oDuG
OWh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3Js
L2NhY3JsLmNybDA/oD2gO4Y5aHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2Et
Z2xvYmFsLWcyL3B1Yi9jcmwvY2FjcmwuY3JsMIHbBggrBgEFBQcBAQSBzjCByzAz
BggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZlci9P
Q1NQMEkGCCsGAQUFBzAChj1odHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1jYS1n
bG9iYWwtZzIvcHViL2NhY2VydC9jYWNlcnQuY3J0MEkGCCsGAQUFBzAChj1odHRw
Oi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NhY2VydC9j
YWNlcnQuY3J0MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBX3p/uphZ3kKr1LdG+g34zj+4F95sXlf2J/Po1eGUmkUvVmYd16WpiShbBVHJD
v440FzV0XKTGRy0gBOvTZ1Hf6cXg3Hq/I0oOEwrzWMFldWcUnqVBPF8WHJ6cTDDy
MhiviNpl4PGQDuHynS1f7yYwIQoiW2zHyI+SdElJpUVokyaiD87vf7VooQk+YrIE
Ggy83QY9fXxiOSvdfnVnoFbb7xmYIuh0NRXn03BjvjjZqkFtE5+e2Vg4bAxsfqBl
ohgU1+rD3rQGcEemhxb7lOKJJTawfG+CekFxCCKxhe481LrOxARocXMREWFrgV14
7xcdwg3l8/aHi2js0WdImjxe
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2DP0T2VfSSxo41Z77k3
ZIikVRR6hmInoZQ8T6c1tecbFROkWxj0zjd9iu3mCleUeyXR+EKFYDFTUvWjUUQ1
ezhj5ygBjMbkcL27a76X90VcTkzf+4tGvHLzabsVTtZ+dRnPApq6xpybns5+3ksw
ePuh6tb7Zn2cwg75ZbUggwc2g6oQOVG1QBFqmtaVA6txGf+gSSwO/9v8/+tRV4zB
K7iDV9lY8L4eslNFIDXIMkMAhrdKG0S4IAHxQRzXm3xvgIOkH5RODDWcIxMgJnR2
O3/lj2UfrMNjVaGgi+dyjRoXEE8Yfzta2P4QWRUszwyPERD5ESuMhu31I8YlcZ82
bOxkgd4wos3Ag28eaRdIOFg+d58vcdvdz4dHPlC/G8UB9W9Msf+IikNxw4wh3XSA
r5tP/N0L49qHOrunacZJ0g/3MA1c/qU5YgTdX8MCaULZUt4ThG/iCXxbXwyNZx8X
Mz5R8qNgS1NMpizOtFoxhKFszv5dY0cbej3HK8l6zWIozcqN5uGsBpMDCWsF/OIx
im/FWV1Vd5WztsvWOvjISIuQ0OxBZdg7QNEJkEeiPddE24HNsVAi8aEyS6+4jtc2
Wyfalj6+s63AYWj7NaXMxsXFky/KpszdnHNph2+G8uIbvwi6aglEDA7ls/fHtJxw
XINgv9/UXgbdCwDZ7hPSXRsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12191821082517274667467565661
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-11 11:52:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-11 11:52:28 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Wuerttemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Heidelberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Ruprecht-Karls-Universitaet Heidelberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'bq-mon-01.bioquant.uni-heidelberg.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 699161938875739265995056551024092523508298885568750092377612660201744645217192057007953751584179329703333340716970614541283359729328700205806272609517355069132385849886298489186751820743623412739077620442624613582171934573765566457670558655713261795790828687862789438819598887242490649132429579531182593846114626523157477639009735782997443759066104505622939105996071431655117044911832700525556968453902126872732215559833075895726212873661053851299541627178376417266093642908311183885729785761123540776011783255314039827200424913564788214183011994260724089890791799988876218501622902211639989029127514106606712465706852077693167369375469409829551161586483954696760420475147914704322988336464868112286469249434247815524834112993898273508558799458467456292612353295764053098281012533171928504886944391159774257595784857942870177672474942895562381291793006800110327171670408753194016240079147402401757289810726905013671006973505457717535291762719715626661756157217996923061600302640280503221118665054767193020488122048985599520624352384052589098627110183576676819628122929224562897860175511258648044457876566113353421822309562616303485520283900441104301307401813144349292157171637425901296446171168363152837598816120715286841894099901723
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.10
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.10
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fa960d9f6c44c34113ff76eca7570301682d583c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bq-mon-01.bioquant.uni-heidelberg.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bq-fog-ng.bioquant.uni-heidelberg.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bq-fog-ng76.hmls.uni-heidelberg.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:7|false] OCTET STRING '129.206.76.101'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:7|false] OCTET STRING '129.206.69.128'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0057de9feea6167790aaf52dd1be837e338fee05f79b1795fd89fcfa35786526914bd5998775e96a624a16c1547243bf8e341735745ca4c6472d2004ebd36751dfe9c5e0dc7abf234a0e130af358c1657567149ea5413c5f161c9e9c4c30f23218af88da65e0f1900ee1f29d2d5fef2630210a225b6cc7c88f92744949a545689326a20fceef7fb568a1093e62b2041a0cbcdd063d7d7c62392bdd7e7567a056dbef199822e8743515e7d37063be38d9aa416d139f9ed958386c0c6c7ea065a21814d7eac3deb4067047a68716fb94e2892536b07c6f827a41710822b185ee3cd4bacec4046871731111616b815d78ef171dc20de5f3f6878b68ecd167489a3c5e