ext-fw4-a.fw.lrz.de
- Bayerische Akademie der Wissenschaften -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 25:95:c3:d7:84:21:f7:1b:ae:c3:05:d7 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bayerische Akademie der Wissenschaften
Organization:
Bayerische Akademie der Wissenschaften
Organization unit: Leibniz-Rechenzentrum
Organization unit: Leibniz-Rechenzentrum
State / Province:
Bayern
Locality: Garching b. Muenchen
Country: DE
Locality: Garching b. Muenchen
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 25:95:c3:d7:84:21:f7:1b:ae:c3:05:d7Serial Number (int): 11632000147547645503724520919
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: 42:b2:37:f3:8d:c8:fd:5e:87:e6:3c:76:ca:16:70:c6:5c:2c:ba:52
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): d3:21:08:4d:aa:21:c3:34:0e:e8:31:89:63:c8:ba:93:3c:67:3b:93
Fingerprint (sha256): 03:01:4a:b5:79:5b:e0:42:67:fa:bb:e0:17:34:66:82:41:45:a5:f4:e7:42:f2:97:10:34:22:dd:4c:36:8e:ae
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate ext-fw4-a.fw.lrz.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ext-fw4-a.fw.lrz.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ext-fw4-a.fw.lrz.de
ext-fw4-p.fw.lrz.de
ext-fw4-r.fw.lrz.de
ext-fw4-p.fw.lrz.de
ext-fw4-r.fw.lrz.de
Other certificates including the domain name lrz.de
(limited to 100 certificates)
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
wwwv1.mwn.de
Certificate
The complete raw certificate details for ext-fw4-a.fw.lrz.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXTCCBUWgAwIBAgIMJZXD14Qh9xuuwwXXMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIx MTAyNTA1NTMxNFoXDTIyMTEyNTA1NTMxNFowgawxCzAJBgNVBAYTAkRFMQ8wDQYD VQQIDAZCYXllcm4xHTAbBgNVBAcMFEdhcmNoaW5nIGIuIE11ZW5jaGVuMS8wLQYD VQQKDCZCYXllcmlzY2hlIEFrYWRlbWllIGRlciBXaXNzZW5zY2hhZnRlbjEeMBwG A1UECwwVTGVpYm5pei1SZWNoZW56ZW50cnVtMRwwGgYDVQQDDBNleHQtZnc0LWEu ZncubHJ6LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAR8D8LD 4fQrfARnq879kOK09hdGf5itVhrWLVvSqlKu9SKrmcsuJYIfO53KdExpRCpWK9Yf b2VPleWyy6y3IugNhfWBaZ7hIvwMVfJHf3cUgst0Gbr3GsW7C7QkMQW1bRWPI8jV 2HbVCo+iHw96llTTj5PORbw7PFHxUFIM2AV3mHTMX/QlX8jwGm31QdmYhLM4CdLz Vd0cpWmPBgJsCopeOCUUsAmYu1MCe1OW25qZHNhcVTU+ln+eqF78Ae2yswjD098K EwTgBefgGifzfh6D23tn4tQb6a7jZBhmKwJVg2G1bRPpIXtt5b/MoD9hjtE1g1FL DSiFdNUPCJEh7QIDAQABo4ICmjCCApYwVwYDVR0gBFAwTjAIBgZngQwBAgIwDQYL KwYBBAGBrSGCLB4wDwYNKwYBBAGBrSGCLAEBBDAQBg4rBgEEAYGtIYIsAQEECjAQ Bg4rBgEEAYGtIYIsAgEECjAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDATBgNV HSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUQrI3843I/V6H5jx2yhZwxlwsulIw HwYDVR0jBBgwFoAUazqYi/nyU4na4K2yMh4JH+iqO3QwSAYDVR0RBEEwP4ITZXh0 LWZ3NC1hLmZ3Lmxyei5kZYITZXh0LWZ3NC1wLmZ3Lmxyei5kZYITZXh0LWZ3NC1y LmZ3Lmxyei5kZTCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY2RwMS5wY2Eu ZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmwwP6A9oDuG OWh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3Js L2NhY3JsLmNybDCB2wYIKwYBBQUHAQEEgc4wgcswMwYIKwYBBQUHMAGGJ2h0dHA6 Ly9vY3NwLnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBJBggrBgEFBQcwAoY9 aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNl cnQvY2FjZXJ0LmNydDBJBggrBgEFBQcwAoY9aHR0cDovL2NkcDIucGNhLmRmbi5k ZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDATBgorBgEE AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5b9Rb/XdB+yRjwczay+ WEb+K7wcLSQ5mLqsi8zzhw7YmpzSrhP1WkitDYyixik0tAE6ez8ruuvalcg/M868 75a6j1UyvRKiVTYx+f8NCxT8hv+2617mjHxKLlrW2vAm87yJGM+YMNxc8PmXpfkX Qt7/fUVkQP3EQSaIZ1p3nKDRF0YKEYdrdeOOW0MAkuVr8C4PkjBshzICKTEY9dTv XTh1h0wBwmKyT+wLqEz3HutPKYCJMj29b0+EOkDkjvwvG6+n6dCbyzselpqOq4P9 /aEilP6pkBuz3bYx7jsPfvNHo1kNVIi85L0cynm1WH/ZKe9qICNxSPG2fW2t+zs1 eQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAR8D8LD4fQrfARnq879 kOK09hdGf5itVhrWLVvSqlKu9SKrmcsuJYIfO53KdExpRCpWK9Yfb2VPleWyy6y3 IugNhfWBaZ7hIvwMVfJHf3cUgst0Gbr3GsW7C7QkMQW1bRWPI8jV2HbVCo+iHw96 llTTj5PORbw7PFHxUFIM2AV3mHTMX/QlX8jwGm31QdmYhLM4CdLzVd0cpWmPBgJs CopeOCUUsAmYu1MCe1OW25qZHNhcVTU+ln+eqF78Ae2yswjD098KEwTgBefgGifz fh6D23tn4tQb6a7jZBhmKwJVg2G1bRPpIXtt5b/MoD9hjtE1g1FLDSiFdNUPCJEh 7QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11632000147547645503724520919 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-25 05:53:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-25 05:53:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Garching b. Muenchen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bayerische Akademie der Wissenschaften' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Leibniz-Rechenzentrum' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ext-fw4-a.fw.lrz.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24239965999803474675712607472193135037238112280002578429270971506428089383285049885587923771549274234041495947379794207734920499955864402780726740101587831152479984200801431764736661481042450987927577942850957386451653075525504372787914712423148950651216719045644188045837483388940311330731162044715716642455703117529128524590388850412565135022178310048372972083945044207937472651828375797646227361701362915587422429699059934394772922596371901391097238943354330032440477767817620283131537034384176818765189088543481023089979163321814823466022952364637203379443747537824876431870778800687064017828326861248318653145581 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 42b237f38dc8fd5e87e63c76ca1670c65c2cba52 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ext-fw4-a.fw.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ext-fw4-p.fw.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ext-fw4-r.fw.lrz.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003b96fd45bfd7741fb2463c1ccdacbe5846fe2bbc1c2d243998baac8bccf3870ed89a9cd2ae13f55a48ad0d8ca2c62934b4013a7b3f2bbaebda95c83f33cebcef96ba8f5532bd12a2553631f9ff0d0b14fc86ffb6eb5ee68c7c4a2e5ad6daf026f3bc8918cf9830dc5cf0f997a5f91742deff7d456440fdc4412688675a779ca0d117460a11876b75e38e5b430092e56bf02e0f92306c873202293118f5d4ef5d3875874c01c262b24fec0ba84cf71eeb4f298089323dbd6f4f843a40e48efc2f1bafa7e9d09bcb3b1e969a8eab83fdfda12294fea9901bb3ddb631ee3b0f7ef347a3590d5488bce4bd1cca79b5587fd929ef6a20237148f1b67d6dadfb3b3579