oc.rz-berlin.mpg.de

- Max-Planck-Gesellschaft -

Issued by MPG CA

About this certificate

This digital certificate with serial number 1a:6b:ea:21:0d:4a:e0 was issued on by Max-Planck-Gesellschaft.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [KeyEncipherment DataEncipherment DigitalSignature ContentCommitment] (00001111) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

Max-Planck-Gesellschaft

Organization: Max-Planck-Gesellschaft
Organization unit: Max-Planck-Institut fuer Wissenschaftsgeschichte
State / Province: Berlin
Locality: Berlin
Country: DE

Max-Planck-Gesellschaft

Organization: Max-Planck-Gesellschaft
Country: DE

This certificate has expire since

Certificate Details

Serial Number (hex): 1a:6b:ea:21:0d:4a:e0
Serial Number (int): 7437002715515616
Serial Number lenght: 53 bits, 7 octets

SubjectKeyId: 12:54:d8:71:e7:72:33:7d:be:59:c4:f7:4b:38:c6:6b:72:6c:bd:37
AuthorityKeyId: 02:d6:1e:6e:09:ab:bf:58:65:a7:0a:3c:48:33:61:d1:ce:7d:c3:5b

Fingerprint (sha1): b8:f7:da:9f:69:61:27:55:71:52:1d:b0:26:d5:05:5e:30:42:7e:c0
Fingerprint (sha256): 01:e1:74:e7:44:06:52:ee:da:43:6c:79:0b:45:fb:5d:bb:90:09:a4:c2:8a:2c:0d:8c:90:58:4d:c2:e4:3c:37

Issuing Certificate URL: http://cdp1.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt

Revocation information

OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CRL Distribution Point: http://cdp1.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl

Check the revocation status for certificate oc.rz-berlin.mpg.de

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for oc.rz-berlin.mpg.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

oc.rz-berlin.mpg.de
owncloud.mpiwg-berlin.mpg.de
oc.mpiwg-berlin.mpg.de

Other certificates including the domain name mpg.de

(limited to 100 certificates)
vweb14.gwdg.de
reem.mpiwg-berlin.mpg.de
calc.init.mpg.de
gitlab.pks.mpg.de
mpicc.csl.mpg.de
srzadrest-e01.vw.iame.mpg.de
porta.bgc-jena.mpg.de
gitlab.intranet.mpl.mpg.de
kanboard.mpimp-golm.mpg.de
ex-mcsrv1.mpe.mpg.de
www.mpl.mpg.de
s2000-proxmox2.mpibpc.mpg.de
tickets.mpl.mpg.de
shibb-staging.mpcdf.mpg.de
www-legacy.csl.mpg.de
idp.bpcentral.biophys.mpg.de
gv-events.mpg.de
matomo.mpdl.mpg.de
labfolder.mpdl.mpg.de
krapiwa.mpipz.mpg.de
*.mpib-berlin.mpg.de
caramba.bgc-jena.mpg.de
gc-ticket.mpipz.mpg.de
aruba-master.mpikg.mpg.de
nc.molgen.mpg.de
aircapdata.is.tue.mpg.de
common-objective.is.tuebingen.mpg.de
public.web.mpg.de
travel-magic.aesthetics.mpg.de
bcw19.sf.mpg.de
helpdesk.mpimp-golm.mpg.de
ccp-cn01.eva.mpg.de
chlorobox.mpimp-golm.mpg.de
svn.test.mpi-klsb.mpg.de
nagiosext.biochem.mpg.de
vpngv.vw.mpg.de
srzsysmanage1.vw.mpg.de
deepspace.ice.mpg.de
bfish.neuro.mpg.de
sally.molgen.mpg.de
musawwaratgraffiti.mpiwg-berlin.mpg.de
rubin.cbs.mpg.de
knb.mpiwg-berlin.mpg.de
voipgwgefo1.vw.mpg.de
vweb14.gwdg.de
srvgvexp-c02.vw.mpg.de
rubinul.tuebingen.mpg.de
mph.tuebingen.mpg.de
colloquia.mpifr-bonn.mpg.de
pubweb.mpi-inf.mpg.de
gc-web.mpipz.mpg.de.mpipz.mpg.de
sslvpn1.mis.mpg.de
lp-bookings.age.mpg.de
lnxsrv-0.mpa-garching.mpg.de
stories.mmg.mpg.de
mail.mucam.mpg.de
fhi-fpr-02-chassis.gnz.mpg.de
proton-vle2.pc.linmpi.mpg.de
atlas-innovations.de
vweb14.gwdg.de
arc-lin-cpt04.mpib-berlin.mpg.de
ftp.mpdl.mpg.de
ncatmaid.tuebingen.mpg.de
db1.aei.mpg.de
csl.mpg.de
desktop.ipp-hgw.mpg.de
intranet.age.mpg.de
www.cbs.mpg.de
prometheus.mpi-inf.mpg.de
resourcespace.mpiwg-berlin.mpg.de
s1020-dc3.d200.bpc.mpg.de
oc.rz-berlin.mpg.de
wiki-virgo.esc.rzg.mpg.de
erebos02.demogr.mpg.de
cvpn01.mis.mpg.de
voucher2.mis.mpg.de
db.arevir.de
npsw-www.mpg.de
ecocn04.eva.mpg.de
kyblab.tuebingen.mpg.de
pc-t6-166.mpipz.mpg.de
voip.ice.mpg.de
scinote.molgen.mpg.de
imap.mis.mpg.de
oak.mpipz.mpg.de
hlltwiki.hll.mpg.de
mail.ip.mpg.de
wints1.pc.linmpi.mpg.de
ds11g-dps2.zmaw.de
typo3-01.mpp.mpg.de
sciform.fkf.mpg.de
wiki.hest.brain.mpg.de
messaging.evolbio.mpg.de
auth-services.vw.mpg.de
extlyncweb.neuro.mpg.de
npsw-xedit.mpg.de
neuro.rzg.mpg.de
hilprecht.mpiwg-berlin.mpg.de
voipgwgv1.vw.mpg.de
stage.mpp.mpg.de

Certificate

The complete raw certificate details for oc.rz-berlin.mpg.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIHGmvqIQ1K4DANBgkqhkiG9w0BAQsFADBeMQswCQYDVQQG
EwJERTEgMB4GA1UEChMXTWF4LVBsYW5jay1HZXNlbGxzY2hhZnQxDzANBgNVBAMT
Bk1QRyBDQTEcMBoGCSqGSIb3DQEJARYNbXBnLWNhQG1wZy5kZTAeFw0xNTExMTgx
MjE4MjVaFw0xOTAyMTQxMjE4MjVaMIGqMQswCQYDVQQGEwJERTEPMA0GA1UECAwG
QmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xIDAeBgNVBAoMF01heC1QbGFuY2stR2Vz
ZWxsc2NoYWZ0MTkwNwYDVQQLDDBNYXgtUGxhbmNrLUluc3RpdHV0IGZ1ZXIgV2lz
c2Vuc2NoYWZ0c2dlc2NoaWNodGUxHDAaBgNVBAMME29jLnJ6LWJlcmxpbi5tcGcu
ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCroRwQhWZjYrB5f5yq
KA1ioZ3SFpUicQvPhW46kDdMN+iXHdtpI1ARrF7vESHANyAof+sC17kFXh6+DvA4
2/EYsLPZz7QTtXHWLgEQbAWpArNdfdRa6RfwBTbz9h0r9mUUEfyyDyQWre8rctPj
L/lJjXH+Zxl6BgI0tilCQRqC+VtmZT6oP4qgsIlFczSJuJkSy4GyWoNdbrEa1Iuu
VBjG8YT/lTdStegNGTvgfThCxzyLaCYcON/jNs2GLeu1K+xOOZgfVKGsUuF9tmDU
voW9a9dnNL6OffAK+WtRxQb9Rbhyeww8x0wt+15OSuuLxv2MPNiQ0Gq+7da9O8cA
XVbxAgMBAAGjggJlMIICYTBZBgNVHSAEUjBQMBEGDysGAQQBga0hgiwBAQQDBDAR
Bg8rBgEEAYGtIYIsAgEEAwEwDwYNKwYBBAGBrSGCLAEBBDANBgsrBgEEAYGtIYIs
HjAIBgZngQwBAgIwCQYDVR0TBAIwADALBgNVHQ8EBAMCBPAwEwYDVR0lBAwwCgYI
KwYBBQUHAwEwHQYDVR0OBBYEFBJU2HHncjN9vlnE90s4xmtybL03MB8GA1UdIwQY
MBaAFALWHm4Jq79YZacKPEgzYdHOfcNbMFQGA1UdEQRNMEuCE29jLnJ6LWJlcmxp
bi5tcGcuZGWCHG93bmNsb3VkLm1waXdnLWJlcmxpbi5tcGcuZGWCFm9jLm1waXdn
LWJlcmxpbi5tcGcuZGUwdwYDVR0fBHAwbjA1oDOgMYYvaHR0cDovL2NkcDEucGNh
LmRmbi5kZS9tcGctY2EvcHViL2NybC9jYWNybC5jcmwwNaAzoDGGL2h0dHA6Ly9j
ZHAyLnBjYS5kZm4uZGUvbXBnLWNhL3B1Yi9jcmwvY2FjcmwuY3JsMIHHBggrBgEF
BQcBAQSBujCBtzAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9P
Q1NQLVNlcnZlci9PQ1NQMD8GCCsGAQUFBzAChjNodHRwOi8vY2RwMS5wY2EuZGZu
LmRlL21wZy1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwPwYIKwYBBQUHMAKGM2h0
dHA6Ly9jZHAyLnBjYS5kZm4uZGUvbXBnLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNy
dDANBgkqhkiG9w0BAQsFAAOCAQEAZsbJ+6lqVTUIpWYjxttbHUcc0XVpXjfql2Wv
kDhxufLJ5ZuJNI4Q+GAoUtdqgP0tPWMYZI7VtFs0dIsbZTr0X8SAOaQZ035AaZN3
VLyihg0aOcoiAgerebTtfm4fWd1PUTx6YD+JsFpQfm1O/zRUy1996nx445mOIk5h
jXoRQcHyQhplFZOzsc3oFTRiPNfho1HpzGVUL5YO9GWD4r6rEhN0EYhUZtMlHILU
XpE8OOKTI+Fc76Uz0/Dk79sHA2FDCR3UlRM1nUZS8B8/yc9a1hXVFXbHGNHFXFTO
sgLUVcgtSfGOddoFwyO76uOWAoT4MEmyAyosy90/w58xNRQp4A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6EcEIVmY2KweX+cqigN
YqGd0haVInELz4VuOpA3TDfolx3baSNQEaxe7xEhwDcgKH/rAte5BV4evg7wONvx
GLCz2c+0E7Vx1i4BEGwFqQKzXX3UWukX8AU28/YdK/ZlFBH8sg8kFq3vK3LT4y/5
SY1x/mcZegYCNLYpQkEagvlbZmU+qD+KoLCJRXM0ibiZEsuBslqDXW6xGtSLrlQY
xvGE/5U3UrXoDRk74H04Qsc8i2gmHDjf4zbNhi3rtSvsTjmYH1ShrFLhfbZg1L6F
vWvXZzS+jn3wCvlrUcUG/UW4cnsMPMdMLfteTkrri8b9jDzYkNBqvu3WvTvHAF1W
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7437002715515616
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Max-Planck-Gesellschaft'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MPG CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-18 12:18:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-14 12:18:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Max-Planck-Gesellschaft'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Max-Planck-Institut fuer Wissenschaftsgeschichte'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'oc.rz-berlin.mpg.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21666196267312403173495775684792093248738156690044828377414019317232417894185488479951988311145266720273493101055017431612133163878390828736378181809344804267293993480357274068669251331031069504390027082860823425131687760182492211707401887760126828279870736670116734929710038942484420395446524054199655914533220877738966849657148379198340328861190212934263546597471983455811628742426058683598204774148316722629434767354218226965876823281059403658197441335672390514858551469544932809760480074075061805190590559871759711417118631765855547800116951983399288175173952908259961713737988666523436769804564286690143040788209
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1254d871e772337dbe59c4f74b38c66b726cbd37
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 02d61e6e09abbf5865a70a3c483361d1ce7dc35b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oc.rz-berlin.mpg.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'owncloud.mpiwg-berlin.mpg.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oc.mpiwg-berlin.mpg.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (186 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0066c6c9fba96a553508a56623c6db5b1d471cd175695e37ea9765af903871b9f2c9e59b89348e10f8602852d76a80fd2d3d6318648ed5b45b34748b1b653af45fc48039a419d37e4069937754bca2860d1a39ca220207ab79b4ed7e6e1f59dd4f513c7a603f89b05a507e6d4eff3454cb5f7dea7c78e3998e224e618d7a1141c1f2421a651593b3b1cde81534623cd7e1a351e9cc65542f960ef46583e2beab12137411885466d3251c82d45e913c38e29323e15cefa533d3f0e4efdb07036143091dd49513359d4652f01f3fc9cf5ad615d51576c718d1c55c54ceb202d455c82d49f18e75da05c323bbeae3960284f83049b2032a2ccbdd3fc39f31351429e0