sp-ad2.ad.rbb-online.de
- Rundfunk Berlin-Brandenburg -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 21:45:14:e0:f4:0d:49:35:42:fd:dc:49 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
Rundfunk Berlin-Brandenburg
Organization:
Rundfunk Berlin-Brandenburg
Organization unit: OuI
Organization unit: OuI
State / Province:
Berlin
Locality: Berlin
Country: DE
Locality: Berlin
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 21:45:14:e0:f4:0d:49:35:42:fd:dc:49Serial Number (int): 10296519802643919197874019401
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: b0:ef:cc:05:ec:65:f1:a4:10:cc:81:98:e0:c6:c0:3e:1b:d4:48:9a
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): a5:de:99:3b:d4:5a:35:de:e7:b7:6d:f6:cd:2a:33:13:ba:d6:af:5f
Fingerprint (sha256): 03:aa:54:62:0b:a2:13:0c:2e:fd:34:c4:21:11:e5:fa:d5:75:06:61:e7:fe:6a:73:19:0e:d2:c0:de:28:d1:61
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate sp-ad2.ad.rbb-online.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sp-ad2.ad.rbb-online.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sp-ad2.ad.rbb-online.de
Other certificates including the domain name rbb-online.de
(limited to 100 certificates)
evo-s0.rbb-online.de
mi-vsp02.rbb-online.de
distribution-status.rbb-online.de
sf-ad1.ad.rbb-online.de
ref.rbb-online.de
sp-flimgr03.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sp-ttximport02.rbb-online.de
mi-s4-1.rbb-online.de
sp-vcrpad02.rbb-online.de
sp-view01.ad.rbb-online.de
presseservice.rbb-online.de
rbbot1ev1.rbb-online.de
ttool-extern.rbb-online.de
ref-s0.w3.rbb-online.de
sp-wsa01-p1.rbb-online.de
mediathek-origin.rbb-online.de
sp-jobsmgr01.rbb-online.de
intranet-s0.rbb-online.de
distribution-status.rbb-online.de
mimo.rbb-online.de
munki.rbb-online.de
ndr-news.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sf-ad1.ad.rbb-online.de
sp-fmc01.rbb-online.de
rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
i-doit-i.rbb-online.de
rbblog.rbb-online.de
distribution-status.rbb-online.de
sts.rbb-online.de
evo-p-awx.rbb-online.de
lodoas03.rbb-online.de
sp-im02.rbb-online.de
data.rbb-online.de
sp-ise01.rbb-online.de
sp-dsp-prod01.ad.rbb-online.de
webdoku.rbb-online.de
mi-5.rbb-online.de
webapplog.rbb-online.de
data-vis.rbb-online.de
sp-webdav01.ad.rbb-online.de
smr.rbb-online.de
m-relayb02i.rbb-online.de
rbb-online.de
rbb-online.de
m-relayp02i.rbb-online.de
sp-ttximport02.rbb-online.de
distribution-status.rbb-online.de
m-relayb02.rbb-online.de
distribution-status.rbb-online.de
ip-mgmt.rbb-online.de
ucmobile.rbb-online.de
sb-ad3.ad.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
sb-osuca01.rbb-online.de
entree-b.rbb-online.de
medienbroker.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
docs.rbb-online.de
evo-static.rbb-online.de
rbb-online.de
sc-ad1.ad.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
ptp-gm-b.rbb-online.de
rmsext.rbb-online.de
rbb-online.de
mi-s3-1.rbb-online.de
sp-ad4.ad.rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
mond-mk.rbb-online.de
orbitdvb41.rbb-online.de
birddoghrstatus.paradox.ai
evo-s-awx.rbb-online.de
evo-t1.rbb-online.de
rbb-online.de
sb-aks-dpe00.ad.rbb-online.de
evo-p-fusion.rbb-online.de
evo-data.rbb-online.de
rbb-mon.rbb-online.de
webdoku.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
sb-ise01.rbb-online.de
sp-cpi02.rbb-online.de
entree-b.rbb-online.de
entree-p.rbb-online.de
sb-tipath01.rbb-online.de
sp-ise01.rbb-online.de
sp-mon-mk1.rbb-online.de
mi-vsp02.rbb-online.de
distribution-status.rbb-online.de
sf-ad1.ad.rbb-online.de
ref.rbb-online.de
sp-flimgr03.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sp-ttximport02.rbb-online.de
mi-s4-1.rbb-online.de
sp-vcrpad02.rbb-online.de
sp-view01.ad.rbb-online.de
presseservice.rbb-online.de
rbbot1ev1.rbb-online.de
ttool-extern.rbb-online.de
ref-s0.w3.rbb-online.de
sp-wsa01-p1.rbb-online.de
mediathek-origin.rbb-online.de
sp-jobsmgr01.rbb-online.de
intranet-s0.rbb-online.de
distribution-status.rbb-online.de
mimo.rbb-online.de
munki.rbb-online.de
ndr-news.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sf-ad1.ad.rbb-online.de
sp-fmc01.rbb-online.de
rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
i-doit-i.rbb-online.de
rbblog.rbb-online.de
distribution-status.rbb-online.de
sts.rbb-online.de
evo-p-awx.rbb-online.de
lodoas03.rbb-online.de
sp-im02.rbb-online.de
data.rbb-online.de
sp-ise01.rbb-online.de
sp-dsp-prod01.ad.rbb-online.de
webdoku.rbb-online.de
mi-5.rbb-online.de
webapplog.rbb-online.de
data-vis.rbb-online.de
sp-webdav01.ad.rbb-online.de
smr.rbb-online.de
m-relayb02i.rbb-online.de
rbb-online.de
rbb-online.de
m-relayp02i.rbb-online.de
sp-ttximport02.rbb-online.de
distribution-status.rbb-online.de
m-relayb02.rbb-online.de
distribution-status.rbb-online.de
ip-mgmt.rbb-online.de
ucmobile.rbb-online.de
sb-ad3.ad.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
sb-osuca01.rbb-online.de
entree-b.rbb-online.de
medienbroker.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
docs.rbb-online.de
evo-static.rbb-online.de
rbb-online.de
sc-ad1.ad.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
ptp-gm-b.rbb-online.de
rmsext.rbb-online.de
rbb-online.de
mi-s3-1.rbb-online.de
sp-ad4.ad.rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
mond-mk.rbb-online.de
orbitdvb41.rbb-online.de
birddoghrstatus.paradox.ai
evo-s-awx.rbb-online.de
evo-t1.rbb-online.de
rbb-online.de
sb-aks-dpe00.ad.rbb-online.de
evo-p-fusion.rbb-online.de
evo-data.rbb-online.de
rbb-mon.rbb-online.de
webdoku.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
sb-ise01.rbb-online.de
sp-cpi02.rbb-online.de
entree-b.rbb-online.de
entree-p.rbb-online.de
sb-tipath01.rbb-online.de
sp-ise01.rbb-online.de
sp-mon-mk1.rbb-online.de
Certificate
The complete raw certificate details for sp-ad2.ad.rbb-online.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHYDCCBkigAwIBAgIMIUUU4PQNSTVC/dxJMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTE5 MDcxMDA3NDQyMVoXDTIxMTAxMTA3NDQyMVowgYUxCzAJBgNVBAYTAkRFMQ8wDQYD VQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEkMCIGA1UECgwbUnVuZGZ1bmsg QmVybGluLUJyYW5kZW5idXJnMQwwCgYDVQQLDANPdUkxIDAeBgNVBAMMF3NwLWFk Mi5hZC5yYmItb25saW5lLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEArLRfzEP5oTLsu3+4C4PuKzMKhJ1RWHvPyJ8BcePte/w04tqKQFxh2rVXtMFW D8yn25+mqL48V5wHZ2yfgC4S1hzkzloSGFOm7aCm8W9+J62XrSb6p4ZXcSNUGCCg c2LiSDfCAAaH/0+keSwNIVal536zHZ3RTSYPSET9pUueWx7IwTmyAaxJH95LsVmg Msse5oCd2hSfRRjy/5bxUan7QQhMaWkZ399XhL7DtnF3mKkx67mWdMwakjrbjy7i oKWzAzc+MY4i/MYDbsmZ/eH22GSvd9FDVhlzt8FxvdNDFsZ5y4RCYlY0hpovUx+6 o+vs8Bph+9bQ1nsafIZI8/HrG+KeiU1eSjD1hQufisA/uZYzyJDjy+WQwd0OJfA9 +flaxGqSaPyH3v3M4K0waJ0ZFZ97P3z7vieQUNHgc3phsVKFrHt7SMRws64bn/B7 xOuxIwS3rBlyfTfPwLIqrUoHagOQMuws5Y4L6RQDr17ZFy+ILWWWaXmUbr58LckR PiC/pQZOA3IquLJiVWwBB6Rl2zDXKb4ak1J7lSPljHhOqNwTYx3FwqRmkvVVd/W3 IybO2eLQsq7ZeoqtyKv5m6Ctrk/ex+sMSvJmnsCER4rTKfEW8sbN2ooDzJmb5qks mzpAQIYoHESoq2whvpy2RZRI4eJpPbiBx7v+f+tZjlmA9WUCAwEAAaOCAsQwggLA MFcGA1UdIARQME4wCAYGZ4EMAQICMA0GCysGAQQBga0hgiweMA8GDSsGAQQBga0h giwBAQQwEAYOKwYBBAGBrSGCLAEBBAQwEAYOKwYBBAGBrSGCLAIBBAQwCQYDVR0T BAIwADAOBgNVHQ8BAf8EBAMCBaAwMgYDVR0lBCswKQYIKwYBBQUHAwIGCCsGAQUF BwMBBgorBgEEAYI3FAICBgcrBgEFAgMFMC8GCSsGAQQBgjcUAgQiHiAARABvAG0A YQBpAG4AQwBvAG4AdAByAG8AbABsAGUAcjAdBgNVHQ4EFgQUsO/MBexl8aQQzIGY 4MbAPhvUSJowHwYDVR0jBBgwFoAUazqYi/nyU4na4K2yMh4JH+iqO3QwIgYDVR0R BBswGYIXc3AtYWQyLmFkLnJiYi1vbmxpbmUuZGUwgY0GA1UdHwSBhTCBgjA/oD2g O4Y5aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9j cmwvY2FjcmwuY3JsMD+gPaA7hjlodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi1j YS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmwwgdsGCCsGAQUFBwEBBIHOMIHL MDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZuLmRlL09DU1AtU2VydmVy L09DU1AwSQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZuLWNh LWdsb2JhbC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwSQYIKwYBBQUHMAKGPWh0 dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY2FjZXJ0 L2NhY2VydC5jcnQwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQAD ggEBAIzxWvPN3cVEit72taFR2dZKe/2uWn7g5WotqY4aTX96PEDLu2xemFRpO0jc h+5BjgbkHzBvCzb4841kOQ1u7lJ7ECSnw9+CtkvMGVqeTKbtSAbhA4BlniQT4v5M tqnUoIXf2tk2Q6bZAuO3eXj1VCoKoeDDRSB9uaqD424SYgbvu8Zs/lGhv03Xr6HR TYwpSr6eDzwxz1+F/Z66GxnIe1EwPhAv6e2cRvZ9QPDYtySdOy2aUjmu686LqRen qjD9ifK4SklYbZS+YhHHboEbZG5pQ9fTM4NbffU0ZMjHXsW/disB+tC12kovcfYC vxIARC+uVllAoJHYVbsX1zX6NRA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArLRfzEP5oTLsu3+4C4Pu KzMKhJ1RWHvPyJ8BcePte/w04tqKQFxh2rVXtMFWD8yn25+mqL48V5wHZ2yfgC4S 1hzkzloSGFOm7aCm8W9+J62XrSb6p4ZXcSNUGCCgc2LiSDfCAAaH/0+keSwNIVal 536zHZ3RTSYPSET9pUueWx7IwTmyAaxJH95LsVmgMsse5oCd2hSfRRjy/5bxUan7 QQhMaWkZ399XhL7DtnF3mKkx67mWdMwakjrbjy7ioKWzAzc+MY4i/MYDbsmZ/eH2 2GSvd9FDVhlzt8FxvdNDFsZ5y4RCYlY0hpovUx+6o+vs8Bph+9bQ1nsafIZI8/Hr G+KeiU1eSjD1hQufisA/uZYzyJDjy+WQwd0OJfA9+flaxGqSaPyH3v3M4K0waJ0Z FZ97P3z7vieQUNHgc3phsVKFrHt7SMRws64bn/B7xOuxIwS3rBlyfTfPwLIqrUoH agOQMuws5Y4L6RQDr17ZFy+ILWWWaXmUbr58LckRPiC/pQZOA3IquLJiVWwBB6Rl 2zDXKb4ak1J7lSPljHhOqNwTYx3FwqRmkvVVd/W3IybO2eLQsq7ZeoqtyKv5m6Ct rk/ex+sMSvJmnsCER4rTKfEW8sbN2ooDzJmb5qksmzpAQIYoHESoq2whvpy2RZRI 4eJpPbiBx7v+f+tZjlmA9WUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10296519802643919197874019401 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-10 07:44:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-11 07:44:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rundfunk Berlin-Brandenburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OuI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'sp-ad2.ad.rbb-online.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 704573242895852772858027886836506688924081534441899411628577083060450919356680752648721004990550192278776369782082055877628633189372060553883866097117746707458001723513474288628418575094531273298097214327114771817189182419154726183014174458549921863999999173302225310870173399484821787382120389589904996734811796774850510371954405141794545738458104424227556748352778481859159807107727670837652295106968624368514413081865559318627958619377183394128955332203702963280759319864651399305379943208049203958008984963807250439824790644122360490683122850300494323546408582588769669408313554365428325913381903349552532656227572801985909235955881892234366341431668287707653150297712659587087133223047556844890144305495822095516563055256448589998512058971669207692963059570744243594326830545927928824150793986740701346157853104698278754197452891620663652600497800075664110888918610206038815292605736645195443579026887074753366408186152476369178133029113298031393039916995879910497404512433846311527471769626129324721751701104527303002495812647172354701182009924131182825718545850649621607194273840483931588057050452613853142566623706568712771439391565269854197426283821843694063141708974275747465820890367463277649438033229507877848763993224549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.2 (smartcardLogon) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.2.3.5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2 (enrollCerttypeExtension) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:30|false] BMPString [0 68 0 111 0 109 0 97 0 105 0 110 0 67 0 111 0 110 0 116 0 114 0 111 0 108 0 108 0 101 0 114] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b0efcc05ec65f1a410cc8198e0c6c03e1bd4489a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sp-ad2.ad.rbb-online.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008cf15af3cdddc5448adef6b5a151d9d64a7bfdae5a7ee0e56a2da98e1a4d7f7a3c40cbbb6c5e9854693b48dc87ee418e06e41f306f0b36f8f38d64390d6eee527b1024a7c3df82b64bcc195a9e4ca6ed4806e10380659e2413e2fe4cb6a9d4a085dfdad93643a6d902e3b77978f5542a0aa1e0c345207db9aa83e36e126206efbbc66cfe51a1bf4dd7afa1d14d8c294abe9e0f3c31cf5f85fd9eba1b19c87b51303e102fe9ed9c46f67d40f0d8b7249d3b2d9a5239aeebce8ba917a7aa30fd89f2b84a49586d94be6211c76e811b646e6943d7d333835b7df53464c8c75ec5bf762b01fad0b5da4a2f71f602bf1200442fae565940a091d855bb17d735fa3510