oc.rz-berlin.mpg.de
- Max-Planck-Gesellschaft -
Issued by MPG CA
About this certificate
This digital certificate with serial number 1a:6b:ea:21:0d:4a:e0 was issued on by Max-Planck-Gesellschaft.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [KeyEncipherment DataEncipherment DigitalSignature ContentCommitment] (00001111) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Max-Planck-Gesellschaft
Organization:
Max-Planck-Gesellschaft
Organization unit: Max-Planck-Institut fuer Wissenschaftsgeschichte
Organization unit: Max-Planck-Institut fuer Wissenschaftsgeschichte
State / Province:
Berlin
Locality: Berlin
Country: DE
Locality: Berlin
Country: DE
Max-Planck-Gesellschaft
Organization:
Max-Planck-Gesellschaft
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 1a:6b:ea:21:0d:4a:e0Serial Number (int): 7437002715515616
Serial Number lenght: 53 bits, 7 octets
SubjectKeyId: 12:54:d8:71:e7:72:33:7d:be:59:c4:f7:4b:38:c6:6b:72:6c:bd:37
AuthorityKeyId: 02:d6:1e:6e:09:ab:bf:58:65:a7:0a:3c:48:33:61:d1:ce:7d:c3:5b
Fingerprint (sha1): b8:f7:da:9f:69:61:27:55:71:52:1d:b0:26:d5:05:5e:30:42:7e:c0
Fingerprint (sha256): 01:e1:74:e7:44:06:52:ee:da:43:6c:79:0b:45:fb:5d:bb:90:09:a4:c2:8a:2c:0d:8c:90:58:4d:c2:e4:3c:37
Issuing Certificate URL: http://cdp1.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl
Check the revocation status for certificate oc.rz-berlin.mpg.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oc.rz-berlin.mpg.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Content Commitment
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oc.rz-berlin.mpg.de
owncloud.mpiwg-berlin.mpg.de
oc.mpiwg-berlin.mpg.de
owncloud.mpiwg-berlin.mpg.de
oc.mpiwg-berlin.mpg.de
Other certificates including the domain name mpg.de
(limited to 100 certificates)
vweb14.gwdg.de
reem.mpiwg-berlin.mpg.de
calc.init.mpg.de
gitlab.pks.mpg.de
mpicc.csl.mpg.de
srzadrest-e01.vw.iame.mpg.de
porta.bgc-jena.mpg.de
gitlab.intranet.mpl.mpg.de
kanboard.mpimp-golm.mpg.de
ex-mcsrv1.mpe.mpg.de
www.mpl.mpg.de
s2000-proxmox2.mpibpc.mpg.de
tickets.mpl.mpg.de
shibb-staging.mpcdf.mpg.de
www-legacy.csl.mpg.de
idp.bpcentral.biophys.mpg.de
gv-events.mpg.de
matomo.mpdl.mpg.de
labfolder.mpdl.mpg.de
krapiwa.mpipz.mpg.de
*.mpib-berlin.mpg.de
caramba.bgc-jena.mpg.de
gc-ticket.mpipz.mpg.de
aruba-master.mpikg.mpg.de
nc.molgen.mpg.de
aircapdata.is.tue.mpg.de
common-objective.is.tuebingen.mpg.de
public.web.mpg.de
travel-magic.aesthetics.mpg.de
bcw19.sf.mpg.de
helpdesk.mpimp-golm.mpg.de
ccp-cn01.eva.mpg.de
chlorobox.mpimp-golm.mpg.de
svn.test.mpi-klsb.mpg.de
nagiosext.biochem.mpg.de
vpngv.vw.mpg.de
srzsysmanage1.vw.mpg.de
deepspace.ice.mpg.de
bfish.neuro.mpg.de
sally.molgen.mpg.de
musawwaratgraffiti.mpiwg-berlin.mpg.de
rubin.cbs.mpg.de
knb.mpiwg-berlin.mpg.de
voipgwgefo1.vw.mpg.de
vweb14.gwdg.de
srvgvexp-c02.vw.mpg.de
rubinul.tuebingen.mpg.de
mph.tuebingen.mpg.de
colloquia.mpifr-bonn.mpg.de
pubweb.mpi-inf.mpg.de
gc-web.mpipz.mpg.de.mpipz.mpg.de
sslvpn1.mis.mpg.de
lp-bookings.age.mpg.de
lnxsrv-0.mpa-garching.mpg.de
stories.mmg.mpg.de
mail.mucam.mpg.de
fhi-fpr-02-chassis.gnz.mpg.de
proton-vle2.pc.linmpi.mpg.de
atlas-innovations.de
vweb14.gwdg.de
arc-lin-cpt04.mpib-berlin.mpg.de
ftp.mpdl.mpg.de
ncatmaid.tuebingen.mpg.de
db1.aei.mpg.de
csl.mpg.de
desktop.ipp-hgw.mpg.de
intranet.age.mpg.de
www.cbs.mpg.de
prometheus.mpi-inf.mpg.de
resourcespace.mpiwg-berlin.mpg.de
s1020-dc3.d200.bpc.mpg.de
oc.rz-berlin.mpg.de
wiki-virgo.esc.rzg.mpg.de
erebos02.demogr.mpg.de
cvpn01.mis.mpg.de
voucher2.mis.mpg.de
db.arevir.de
npsw-www.mpg.de
ecocn04.eva.mpg.de
kyblab.tuebingen.mpg.de
pc-t6-166.mpipz.mpg.de
voip.ice.mpg.de
scinote.molgen.mpg.de
imap.mis.mpg.de
oak.mpipz.mpg.de
hlltwiki.hll.mpg.de
mail.ip.mpg.de
wints1.pc.linmpi.mpg.de
ds11g-dps2.zmaw.de
typo3-01.mpp.mpg.de
sciform.fkf.mpg.de
wiki.hest.brain.mpg.de
messaging.evolbio.mpg.de
auth-services.vw.mpg.de
extlyncweb.neuro.mpg.de
npsw-xedit.mpg.de
neuro.rzg.mpg.de
hilprecht.mpiwg-berlin.mpg.de
voipgwgv1.vw.mpg.de
stage.mpp.mpg.de
reem.mpiwg-berlin.mpg.de
calc.init.mpg.de
gitlab.pks.mpg.de
mpicc.csl.mpg.de
srzadrest-e01.vw.iame.mpg.de
porta.bgc-jena.mpg.de
gitlab.intranet.mpl.mpg.de
kanboard.mpimp-golm.mpg.de
ex-mcsrv1.mpe.mpg.de
www.mpl.mpg.de
s2000-proxmox2.mpibpc.mpg.de
tickets.mpl.mpg.de
shibb-staging.mpcdf.mpg.de
www-legacy.csl.mpg.de
idp.bpcentral.biophys.mpg.de
gv-events.mpg.de
matomo.mpdl.mpg.de
labfolder.mpdl.mpg.de
krapiwa.mpipz.mpg.de
*.mpib-berlin.mpg.de
caramba.bgc-jena.mpg.de
gc-ticket.mpipz.mpg.de
aruba-master.mpikg.mpg.de
nc.molgen.mpg.de
aircapdata.is.tue.mpg.de
common-objective.is.tuebingen.mpg.de
public.web.mpg.de
travel-magic.aesthetics.mpg.de
bcw19.sf.mpg.de
helpdesk.mpimp-golm.mpg.de
ccp-cn01.eva.mpg.de
chlorobox.mpimp-golm.mpg.de
svn.test.mpi-klsb.mpg.de
nagiosext.biochem.mpg.de
vpngv.vw.mpg.de
srzsysmanage1.vw.mpg.de
deepspace.ice.mpg.de
bfish.neuro.mpg.de
sally.molgen.mpg.de
musawwaratgraffiti.mpiwg-berlin.mpg.de
rubin.cbs.mpg.de
knb.mpiwg-berlin.mpg.de
voipgwgefo1.vw.mpg.de
vweb14.gwdg.de
srvgvexp-c02.vw.mpg.de
rubinul.tuebingen.mpg.de
mph.tuebingen.mpg.de
colloquia.mpifr-bonn.mpg.de
pubweb.mpi-inf.mpg.de
gc-web.mpipz.mpg.de.mpipz.mpg.de
sslvpn1.mis.mpg.de
lp-bookings.age.mpg.de
lnxsrv-0.mpa-garching.mpg.de
stories.mmg.mpg.de
mail.mucam.mpg.de
fhi-fpr-02-chassis.gnz.mpg.de
proton-vle2.pc.linmpi.mpg.de
atlas-innovations.de
vweb14.gwdg.de
arc-lin-cpt04.mpib-berlin.mpg.de
ftp.mpdl.mpg.de
ncatmaid.tuebingen.mpg.de
db1.aei.mpg.de
csl.mpg.de
desktop.ipp-hgw.mpg.de
intranet.age.mpg.de
www.cbs.mpg.de
prometheus.mpi-inf.mpg.de
resourcespace.mpiwg-berlin.mpg.de
s1020-dc3.d200.bpc.mpg.de
oc.rz-berlin.mpg.de
wiki-virgo.esc.rzg.mpg.de
erebos02.demogr.mpg.de
cvpn01.mis.mpg.de
voucher2.mis.mpg.de
db.arevir.de
npsw-www.mpg.de
ecocn04.eva.mpg.de
kyblab.tuebingen.mpg.de
pc-t6-166.mpipz.mpg.de
voip.ice.mpg.de
scinote.molgen.mpg.de
imap.mis.mpg.de
oak.mpipz.mpg.de
hlltwiki.hll.mpg.de
mail.ip.mpg.de
wints1.pc.linmpi.mpg.de
ds11g-dps2.zmaw.de
typo3-01.mpp.mpg.de
sciform.fkf.mpg.de
wiki.hest.brain.mpg.de
messaging.evolbio.mpg.de
auth-services.vw.mpg.de
extlyncweb.neuro.mpg.de
npsw-xedit.mpg.de
neuro.rzg.mpg.de
hilprecht.mpiwg-berlin.mpg.de
voipgwgv1.vw.mpg.de
stage.mpp.mpg.de
Certificate
The complete raw certificate details for oc.rz-berlin.mpg.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8TCCBNmgAwIBAgIHGmvqIQ1K4DANBgkqhkiG9w0BAQsFADBeMQswCQYDVQQG EwJERTEgMB4GA1UEChMXTWF4LVBsYW5jay1HZXNlbGxzY2hhZnQxDzANBgNVBAMT Bk1QRyBDQTEcMBoGCSqGSIb3DQEJARYNbXBnLWNhQG1wZy5kZTAeFw0xNTExMTgx MjE4MjVaFw0xOTAyMTQxMjE4MjVaMIGqMQswCQYDVQQGEwJERTEPMA0GA1UECAwG QmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xIDAeBgNVBAoMF01heC1QbGFuY2stR2Vz ZWxsc2NoYWZ0MTkwNwYDVQQLDDBNYXgtUGxhbmNrLUluc3RpdHV0IGZ1ZXIgV2lz c2Vuc2NoYWZ0c2dlc2NoaWNodGUxHDAaBgNVBAMME29jLnJ6LWJlcmxpbi5tcGcu ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCroRwQhWZjYrB5f5yq KA1ioZ3SFpUicQvPhW46kDdMN+iXHdtpI1ARrF7vESHANyAof+sC17kFXh6+DvA4 2/EYsLPZz7QTtXHWLgEQbAWpArNdfdRa6RfwBTbz9h0r9mUUEfyyDyQWre8rctPj L/lJjXH+Zxl6BgI0tilCQRqC+VtmZT6oP4qgsIlFczSJuJkSy4GyWoNdbrEa1Iuu VBjG8YT/lTdStegNGTvgfThCxzyLaCYcON/jNs2GLeu1K+xOOZgfVKGsUuF9tmDU voW9a9dnNL6OffAK+WtRxQb9Rbhyeww8x0wt+15OSuuLxv2MPNiQ0Gq+7da9O8cA XVbxAgMBAAGjggJlMIICYTBZBgNVHSAEUjBQMBEGDysGAQQBga0hgiwBAQQDBDAR Bg8rBgEEAYGtIYIsAgEEAwEwDwYNKwYBBAGBrSGCLAEBBDANBgsrBgEEAYGtIYIs HjAIBgZngQwBAgIwCQYDVR0TBAIwADALBgNVHQ8EBAMCBPAwEwYDVR0lBAwwCgYI KwYBBQUHAwEwHQYDVR0OBBYEFBJU2HHncjN9vlnE90s4xmtybL03MB8GA1UdIwQY MBaAFALWHm4Jq79YZacKPEgzYdHOfcNbMFQGA1UdEQRNMEuCE29jLnJ6LWJlcmxp bi5tcGcuZGWCHG93bmNsb3VkLm1waXdnLWJlcmxpbi5tcGcuZGWCFm9jLm1waXdn LWJlcmxpbi5tcGcuZGUwdwYDVR0fBHAwbjA1oDOgMYYvaHR0cDovL2NkcDEucGNh LmRmbi5kZS9tcGctY2EvcHViL2NybC9jYWNybC5jcmwwNaAzoDGGL2h0dHA6Ly9j ZHAyLnBjYS5kZm4uZGUvbXBnLWNhL3B1Yi9jcmwvY2FjcmwuY3JsMIHHBggrBgEF BQcBAQSBujCBtzAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9P Q1NQLVNlcnZlci9PQ1NQMD8GCCsGAQUFBzAChjNodHRwOi8vY2RwMS5wY2EuZGZu LmRlL21wZy1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwPwYIKwYBBQUHMAKGM2h0 dHA6Ly9jZHAyLnBjYS5kZm4uZGUvbXBnLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNy dDANBgkqhkiG9w0BAQsFAAOCAQEAZsbJ+6lqVTUIpWYjxttbHUcc0XVpXjfql2Wv kDhxufLJ5ZuJNI4Q+GAoUtdqgP0tPWMYZI7VtFs0dIsbZTr0X8SAOaQZ035AaZN3 VLyihg0aOcoiAgerebTtfm4fWd1PUTx6YD+JsFpQfm1O/zRUy1996nx445mOIk5h jXoRQcHyQhplFZOzsc3oFTRiPNfho1HpzGVUL5YO9GWD4r6rEhN0EYhUZtMlHILU XpE8OOKTI+Fc76Uz0/Dk79sHA2FDCR3UlRM1nUZS8B8/yc9a1hXVFXbHGNHFXFTO sgLUVcgtSfGOddoFwyO76uOWAoT4MEmyAyosy90/w58xNRQp4A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6EcEIVmY2KweX+cqigN YqGd0haVInELz4VuOpA3TDfolx3baSNQEaxe7xEhwDcgKH/rAte5BV4evg7wONvx GLCz2c+0E7Vx1i4BEGwFqQKzXX3UWukX8AU28/YdK/ZlFBH8sg8kFq3vK3LT4y/5 SY1x/mcZegYCNLYpQkEagvlbZmU+qD+KoLCJRXM0ibiZEsuBslqDXW6xGtSLrlQY xvGE/5U3UrXoDRk74H04Qsc8i2gmHDjf4zbNhi3rtSvsTjmYH1ShrFLhfbZg1L6F vWvXZzS+jn3wCvlrUcUG/UW4cnsMPMdMLfteTkrri8b9jDzYkNBqvu3WvTvHAF1W 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7437002715515616 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Max-Planck-Gesellschaft' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MPG CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-18 12:18:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-14 12:18:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Max-Planck-Gesellschaft' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Max-Planck-Institut fuer Wissenschaftsgeschichte' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'oc.rz-berlin.mpg.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21666196267312403173495775684792093248738156690044828377414019317232417894185488479951988311145266720273493101055017431612133163878390828736378181809344804267293993480357274068669251331031069504390027082860823425131687760182492211707401887760126828279870736670116734929710038942484420395446524054199655914533220877738966849657148379198340328861190212934263546597471983455811628742426058683598204774148316722629434767354218226965876823281059403658197441335672390514858551469544932809760480074075061805190590559871759711417118631765855547800116951983399288175173952908259961713737988666523436769804564286690143040788209 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.3.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04f0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1254d871e772337dbe59c4f74b38c66b726cbd37 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 02d61e6e09abbf5865a70a3c483361d1ce7dc35b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oc.rz-berlin.mpg.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'owncloud.mpiwg-berlin.mpg.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oc.mpiwg-berlin.mpg.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/mpg-ca/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (186 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/mpg-ca/pub/cacert/cacert.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0066c6c9fba96a553508a56623c6db5b1d471cd175695e37ea9765af903871b9f2c9e59b89348e10f8602852d76a80fd2d3d6318648ed5b45b34748b1b653af45fc48039a419d37e4069937754bca2860d1a39ca220207ab79b4ed7e6e1f59dd4f513c7a603f89b05a507e6d4eff3454cb5f7dea7c78e3998e224e618d7a1141c1f2421a651593b3b1cde81534623cd7e1a351e9cc65542f960ef46583e2beab12137411885466d3251c82d45e913c38e29323e15cefa533d3f0e4efdb07036143091dd49513359d4652f01f3fc9cf5ad615d51576c718d1c55c54ceb202d455c82d49f18e75da05c323bbeae3960284f83049b2032a2ccbdd3fc39f31351429e0