lrzidp.lrz.de
- Bayerische Akademie der Wissenschaften -
Issued by LRZ-CA - G01
About this certificate
This digital certificate with serial number 18:42:3e:e1:82:ec:54 was issued on by Leibniz-Rechenzentrum.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
- KeyUsage [ContentCommitment DigitalSignature KeyEncipherment] (00000111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Bayerische Akademie der Wissenschaften
Organization:
Bayerische Akademie der Wissenschaften
Organization unit: Leibniz-Rechenzentrum
Organization unit: Leibniz-Rechenzentrum
State / Province:
Bayern
Locality: Garching b. Muenchen
Country: DE
Locality: Garching b. Muenchen
Country: DE
Leibniz-Rechenzentrum
Organization:
Leibniz-Rechenzentrum
Organization unit: LRZ-CA
Organization unit: LRZ-CA
State / Province:
Bayern
Locality: Muenchen
Country: DE
Locality: Muenchen
Country: DE
This certificate has expire since
Certificate Details
Serial Number (hex): 18:42:3e:e1:82:ec:54Serial Number (int): 6828237279915092
Serial Number lenght: 53 bits, 7 octets
SubjectKeyId: be:e3:33:03:d8:e7:fd:ee:79:92:ec:30:c6:c1:b7:eb:d9:21:b2:b0
AuthorityKeyId: 96:5b:4c:70:bb:6f:fc:9c:ef:b5:3f:a4:7a:fb:93:ff:09:ea:6a:76
Fingerprint (sha1): 66:0c:b7:3d:50:95:36:fb:dc:6a:a3:7b:77:a4:1f:1f:a9:eb:11:f7
Fingerprint (sha256): 06:18:0f:98:e4:b6:de:75:d5:6d:41:4e:15:70:f1:f9:35:26:3a:7e:22:60:59:50:48:3e:07:76:16:2f:40:94
Issuing Certificate URL: http://cdp1.pca.dfn.de/lrz-ca/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/lrz-ca/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/lrz-ca/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/lrz-ca/pub/crl/cacrl.crl
Check the revocation status for certificate lrzidp.lrz.de
6
DNS Names
1
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lrzidp.lrz.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Content Commitment
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
Other certificates including the domain name lrz.de
(limited to 100 certificates)
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
wwwv1.mwn.de
Certificate
The complete raw certificate details for lrzidp.lrz.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgIHGEI+4YLsVDANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UE BhMCREUxDzANBgNVBAgTBkJheWVybjERMA8GA1UEBxMITXVlbmNoZW4xHjAcBgNV BAoTFUxlaWJuaXotUmVjaGVuemVudHJ1bTEPMA0GA1UECxMGTFJaLUNBMRUwEwYD VQQDEwxMUlotQ0EgLSBHMDExIjAgBgkqhkiG9w0BCQEWE3BraUBscnotbXVlbmNo ZW4uZGUwHhcNMTQwOTI0MTMwNDE4WhcNMTkwNzA5MjM1OTAwWjCBpjELMAkGA1UE BhMCREUxDzANBgNVBAgTBkJheWVybjEdMBsGA1UEBxMUR2FyY2hpbmcgYi4gTXVl bmNoZW4xLzAtBgNVBAoTJkJheWVyaXNjaGUgQWthZGVtaWUgZGVyIFdpc3NlbnNj aGFmdGVuMR4wHAYDVQQLExVMZWlibml6LVJlY2hlbnplbnRydW0xFjAUBgNVBAMT DWxyemlkcC5scnouZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx t8+GWafraqMospDHenrOrAISX5HeJurj9I5SVF5gwJVrcgHy6/AOyU/MbrCBL/2O tlJCDsg4s8eBZQwx6a1nBbRHzxSmthMr6JDA0+y0FwGzOgUhF/XjEvHMHlIR49HR 3f5LkO/ZBGWhWulJwD3ERQN0/1BcZMXvRceyqgqpwsLzNBwLwp2YUjoZwRnDMWdu Uzy5e0l41lXPhLu+99lO0XnYO5bMai1px2u//w8wtVYxkYRqJ6g1EvrpWJXVTGq2 E5ezNX80ErAt2ttPP2YAchLxHOax/FOlor8q5Wwo60jkQxIIBTbY9W5ab19WHU52 32z126AigkiXCMEkcz15AgMBAAGjggKHMIICgzBPBgNVHSAESDBGMBEGDysGAQQB ga0hgiwBAQQDAjARBg8rBgEEAYGtIYIsAgEEAwEwDwYNKwYBBAGBrSGCLAEBBDAN BgsrBgEEAYGtIYIsHjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAU BggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFL7jMwPY5/3ueZLsMMbBt+vZ IbKwMB8GA1UdIwQYMBaAFJZbTHC7b/yc77U/pHr7k/8J6mp2MHYGA1UdEQRvMG2C CmlkcC5scnouZGWCC2lkcDEubHJ6LmRlggtpZHAyLmxyei5kZYINbHJ6aWRwLmxy ei5kZYIObHJ6aWRwMS5scnouZGWCDmxyemlkcDIubHJ6LmRlgRZ6YnZ3LWNlcnQt YWRtaW5AbHJ6LmRlMHcGA1UdHwRwMG4wNaAzoDGGL2h0dHA6Ly9jZHAxLnBjYS5k Zm4uZGUvbHJ6LWNhL3B1Yi9jcmwvY2FjcmwuY3JsMDWgM6Axhi9odHRwOi8vY2Rw Mi5wY2EuZGZuLmRlL2xyei1jYS9wdWIvY3JsL2NhY3JsLmNybDCBxwYIKwYBBQUH AQEEgbowgbcwMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NT UC1TZXJ2ZXIvT0NTUDA/BggrBgEFBQcwAoYzaHR0cDovL2NkcDEucGNhLmRmbi5k ZS9scnotY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MD8GCCsGAQUFBzAChjNodHRw Oi8vY2RwMi5wY2EuZGZuLmRlL2xyei1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQw DQYJKoZIhvcNAQELBQADggEBADrPD4GN7XpZSyxGBvHy+7fMrJNxyWybTsHkyiAI XGUF/jn9m7Bnvucb60PzyzJ5aD63AsaeSxSXDyYpNzne93O1aEtXyveTeFhbRyx1 Wcf5G1KbRbljULRatUJSOggUWO4HerToAobx4xXyFrD7aPQkGGFVnqemjOnE4A4e rl8OfaKkOu43F4KbxVUf2zcSQ5h4qdbwORNXCxNNGfKlzphRMpq7V4B6Z8+i7FCx BDOcL0w+IjJuDkD8Jf5DMiEGUIppU2vYOylvYENKX2Mdd4ZMcOw2d1jqC0xC/8qj RXNKbj96BedS8e05bbrOSj9H7/qX5osIxDaY+rr6g3HF+2c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbfPhlmn62qjKLKQx3p6 zqwCEl+R3ibq4/SOUlReYMCVa3IB8uvwDslPzG6wgS/9jrZSQg7IOLPHgWUMMemt ZwW0R88UprYTK+iQwNPstBcBszoFIRf14xLxzB5SEePR0d3+S5Dv2QRloVrpScA9 xEUDdP9QXGTF70XHsqoKqcLC8zQcC8KdmFI6GcEZwzFnblM8uXtJeNZVz4S7vvfZ TtF52DuWzGotacdrv/8PMLVWMZGEaieoNRL66ViV1UxqthOXszV/NBKwLdrbTz9m AHIS8RzmsfxTpaK/KuVsKOtI5EMSCAU22PVuWm9fVh1Odt9s9dugIoJIlwjBJHM9 eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6828237279915092 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Muenchen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Leibniz-Rechenzentrum' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LRZ-CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'LRZ-CA - G01' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-09-24 13:04:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-09 23:59:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Garching b. Muenchen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bayerische Akademie der Wissenschaften' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Leibniz-Rechenzentrum' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lrzidp.lrz.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22434820385650393459129307208920123665615429780048456917138907318642115644556281696200436155993838365244706403942661989170191207212980545417314960384641980415937567409655428912597943454042496278389016784360825848189459078445075687219794273230464520239943484268891180880457145211464461043724524260654177295312434433182398344496910916965894368453113698888673059243713895246017436030823397957439606046539805668954517177723325185715847938317261157641747116957435927777286011823686712496723068779036239761234090453164513069441030501035996585222851491955882177541322787806154558157366367945989310364916006648470060299140473 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.3.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.3.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05e0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bee33303d8e7fdee7992ec30c6c1b7ebd921b2b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 965b4c70bb6ffc9cefb53fa47afb93ff09ea6a76 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (111 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp1.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp2.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lrzidp.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lrzidp1.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lrzidp2.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '[email protected]' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/lrz-ca/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/lrz-ca/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (186 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/lrz-ca/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/lrz-ca/pub/cacert/cacert.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003acf0f818ded7a594b2c4606f1f2fbb7ccac9371c96c9b4ec1e4ca20085c6505fe39fd9bb067bee71beb43f3cb3279683eb702c69e4b14970f26293739def773b5684b57caf79378585b472c7559c7f91b529b45b96350b45ab542523a081458ee077ab4e80286f1e315f216b0fb68f4241861559ea7a68ce9c4e00e1eae5f0e7da2a43aee3717829bc5551fdb3712439878a9d6f03913570b134d19f2a5ce9851329abb57807a67cfa2ec50b104339c2f4c3e22326e0e40fc25fe43322106508a69536bd83b296f60434a5f631d77864c70ec367758ea0b4c42ffcaa345734a6e3f7a05e752f1ed396dbace4a3f47effa97e68b08c43698fabafa8371c5fb67