moses-dmp.gfz-potsdam.de

- Helmholtz-Zentrum Potsdam - Deutsches GeoForschungsZentrum GFZ -

Issued by DFN-Verein Global Issuing CA

About this certificate

This digital certificate with serial number 22:3f:a0:26:a3:22:6a:c1:3f:1c:99:70 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Helmholtz-Zentrum Potsdam - Deutsches GeoForschungsZentrum GFZ

Organization: Helmholtz-Zentrum Potsdam - Deutsches GeoForschungsZentrum GFZ
Organization unit: eScience Centre
State / Province: Brandenburg
Locality: Potsdam
Country: DE

Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.

Organization: Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Country: DE

This certificate has expire since

Certificate Details

Serial Number (hex): 22:3f:a0:26:a3:22:6a:c1:3f:1c:99:70
Serial Number (int): 10599408951930063274456684912
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: ba:c8:b5:35:1d:8e:f1:62:c8:31:66:49:71:d7:b9:07:ae:ee:e9:b2
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74

Fingerprint (sha1): fb:40:13:9d:c1:f0:eb:0b:54:f8:49:d4:97:55:50:c2:c4:5d:ea:93
Fingerprint (sha256): 09:2e:c6:25:26:91:ca:14:46:94:36:1e:fd:d8:60:c4:aa:63:82:56:5d:0a:e6:35:ae:a4:80:13:54:64:a9:61

Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt

Revocation information

OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl

Check the revocation status for certificate moses-dmp.gfz-potsdam.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for moses-dmp.gfz-potsdam.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

moses-dmp.gfz-potsdam.de

Other certificates including the domain name gfz-potsdam.de

(limited to 100 certificates)
geofon.gfz-potsdam.de
rz-vcs1.gfz-potsdam.de
d3m.gfz-potsdam.de
rz-vm140.gfz-potsdam.de
hydro.gfz-potsdam.de
gisasaprouter.gfz-potsdam.de
sec21-dmz1b.gfz-potsdam.de
hydro.gfz-potsdam.de
sec21-dmz1b.gfz-potsdam.de
wol.gfz-potsdam.de
webstats.gfz-potsdam.de
email.gwdg.de
mobilehub.gfz-potsdam.de
intranet.gfz-potsdam.de
dokuwiki.gfz-potsdam.de
sec21-dmz2b.gfz-potsdam.de
moses-dmp.gfz-potsdam.de
spaceweather.gfz-potsdam.de
events.gfz-potsdam.de
rbm9.gfz-potsdam.de
nera-ern.gfz-potsdam.de
api.itsm.gfz-potsdam.de
wlc.gfz-potsdam.de
ebissiq.gfz-potsdam.de
exportcontrol.gfz-potsdam.de
rz-support.gfz-potsdam.de
sec21-dmz1b.gfz-potsdam.de
email.gwdg.de
git.gfz-potsdam.de
rz-vm175.gfz-potsdam.de
hydro.gfz-potsdam.de
varve.gfz-potsdam.de
idp-dev.gfz-potsdam.de
webstats.gfz-potsdam.de
geomagia.gfz-potsdam.de
www.gfz-potsdam.de
fw-ext.gfz-potsdam.de
rz-vm213.gfz-potsdam.de
fw-ext.gfz-potsdam.de
geofon.gfz-potsdam.de
gfzpublic.gfz-potsdam.de
eismassendynamik.gfz-potsdam.de
rz-vm174.gfz-potsdam.de
rz-vm112.gfz-potsdam.de
simultan.gfz-potsdam.de
events.gfz-potsdam.de
rz-vm234.gfz-potsdam.de
gfzock.gfz-potsdam.de
collabora.gfz-potsdam.de
www-app5.gfz-potsdam.de
enhsp.gfz-potsdam.de
timeseries.gfz-potsdam.de
printer-core.gfz-potsdam.de
rz-vm457.gfz-potsdam.de
nextcloud.gfz-potsdam.de
geomagia.gfz-potsdam.de
escidoc.gfz-potsdam.de
idp-test.gfz-potsdam.de
sec21-bbb.gfz-potsdam.de
rz-vm62.gfz-potsdam.de
rz-vm119.gfz-potsdam.de
gfz-potsdam.de
ccmp-pompei.gfz-potsdam.de
moses-dmp.gfz-potsdam.de
wlantickets.gfz-potsdam.de
aschera.gfz-potsdam.de
dep1doc.gfz-potsdam.de
varve.gfz-potsdam.de
index-search-prod.gfz-potsdam.de
ebiss.gfz-potsdam.de
rz-vm89.gfz-potsdam.de
gisasaprouter.gfz-potsdam.de
www.gfz-potsdam.de
forms.gfz-potsdam.de
asip.gfz-potsdam.de
bscw.gfz-potsdam.de
nextcloud.gfz-potsdam.de
benno.gfz-potsdam.de
ad.gfz-potsdam.de
rz-vm278.gfz-potsdam.de
intranet-test.gfz-potsdam.de
rz-ftp1.gfz-potsdam.de
s3ceph.gfz-potsdam.de
ssl.gfz-potsdam.de
moses-data.gfz-potsdam.de
egsim.gfz-potsdam.de
systemerde.gfz-potsdam.de
itsm.gfz-potsdam.de
dataservices.gfz-potsdam.de
rz-monstor3.gfz-potsdam.de
geso122.gfz-potsdam.de
d3m.gfz-potsdam.de
v4-server3.gfz-potsdam.de
trideccloud.gfz-potsdam.de
rz-vm65-dev.gfz-potsdam.de
otms.gfz-potsdam.de
kg3-dmz.gfz-potsdam.de
benno.gfz-potsdam.de
ldapext.gfz-potsdam.de
rz-vm121.gfz-potsdam.de

Certificate

The complete raw certificate details for moses-dmp.gfz-potsdam.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJLTCCCBWgAwIBAgIMIj+gJqMiasE/HJlwMA0GCSqGSIb3DQEBCwUAMIGNMQsw
CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t
UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIw
MDExNjA4NDUxMVoXDTIyMDQxOTA4NDUxMVowgbsxCzAJBgNVBAYTAkRFMRQwEgYD
VQQIDAtCcmFuZGVuYnVyZzEQMA4GA1UEBwwHUG90c2RhbTFHMEUGA1UECgw+SGVs
bWhvbHR6LVplbnRydW0gUG90c2RhbSAtIERldXRzY2hlcyBHZW9Gb3JzY2h1bmdz
WmVudHJ1bSBHRloxGDAWBgNVBAsMD2VTY2llbmNlIENlbnRyZTEhMB8GA1UEAwwY
bW9zZXMtZG1wLmdmei1wb3RzZGFtLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
MIICCgKCAgEAz7a+rPVDIWjds7pnu01b+VMkNPsyRH//rMXYXDcgYoG4c+N3Ks0Q
Zn4mH2q9wfiv5xBLQXYeFo3REEJwYGoErdZfYxRZwugve2Bn2TZPQw3c+Gr1Bn5A
tdCmA9qg0ZQFUKSuhPJSZLFgIZ7IZoX4X8UXReFCV2BJZeO5jby+tUfIfrIqegBI
prfc4maPk0k0/tnL1WgLoK456QfS2N226C9npq+fGO7EWKbDXoYAlZt+rq3S2c4j
jobRF4kyGKph0lAV46a6XCnaB8LowAydK6+H5NUS4qC/U5NeBhHT1+KGw/eabHal
jg5hej7kjj6VEP7WvioBWmP1Lo5c16UjwhWEV7wWFRh8mpYuI2jua1R7oAFod+Zj
w9zZc07miGBpQxOzlSRfd86GmcTLMJatuJ6tDhJUPhlCbRx+4q073vNbV0YLTtAw
YxbYaxxrOkC/zRbOmBVtqCwX0Y8Lmq2jGvJuKbLCwn6jS1arL+Y3gAo5mkZwqJ0z
KQjLoZ8krHeCfkKir5LG15Glggqh0fCXG/bPhmYktMJMkGMEOkFN3//cxRYxOGRe
jZ06TcbdabCPyoElYxO52hfrJ2hGWNNNG5lKPAlmXwSX33P00yXCY8KuIUlDqOwv
fpz07J4Wi4lxBu0DzjjiY37fMOO8RR7D7zALoGal2fAzWtsJKUAb2gMCAwEAAaOC
BFswggRXMFcGA1UdIARQME4wCAYGZ4EMAQICMA0GCysGAQQBga0hgiweMA8GDSsG
AQQBga0hgiwBAQQwEAYOKwYBBAGBrSGCLAEBBAQwEAYOKwYBBAGBrSGCLAIBBAQw
CQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw
HQYDVR0OBBYEFLrItTUdjvFiyDFmSXHXuQeu7umyMB8GA1UdIwQYMBaAFGs6mIv5
8lOJ2uCtsjIeCR/oqjt0MCMGA1UdEQQcMBqCGG1vc2VzLWRtcC5nZnotcG90c2Rh
bS5kZTCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY2RwMS5wY2EuZGZuLmRl
L2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmwwP6A9oDuGOWh0dHA6
Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3JsL2NhY3Js
LmNybDCB2wYIKwYBBQUHAQEEgc4wgcswMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3Nw
LnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBJBggrBgEFBQcwAoY9aHR0cDov
L2NkcDEucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2Fj
ZXJ0LmNydDBJBggrBgEFBQcwAoY9aHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4t
Y2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDCCAfcGCisGAQQB1nkC
BAIEggHnBIIB4wHhAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csA
AAFvrYc0rAAABAMARzBFAiBMVvoyS0Fm7J1XD03c9g2Bu3isGKVuNNp5JDSjbLw8
hwIhALmE9u3Eq0OrGDfdABX855Hc2FvkwPtztz6oJznXfUliAHYAu9nfvB+KcbWT
lCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFvrYc04gAABAMARzBFAiEA+aXebByc
QpBFHxOYGjZM+Mt2xzAS1AhwqHqtH5AY7z4CIExnOavRnd5zi5sSeZR067PJc4F6
s7D+s56sSLlz2BiIAHcAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMA
AAFvrYc0uQAABAMASDBGAiEA4s+EvLo0i1xGp4TMqYTQdj22ljprJZ/Gii4WXMIU
QXkCIQDAovmI8jekPGm0GFjDwOaensqeS4R1PM44PZqm8HsttAB2AFWB1MIWkDYB
SuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABb62HNb8AAAQDAEcwRQIgQrogu6Cz
854tVEp2yAaONy7i8Vbp8bGz/8svgRsEQkwCIQDjeNC2qVNHd7LQYdZnqH3M6ILq
LTAjEPLJqg61kPF/HzANBgkqhkiG9w0BAQsFAAOCAQEALMTzV+oJblIwv0zYBaMg
9W7q2u2qv+CvK7e3XL3z5poBAgQae6cJTE1Zu4hUGNSIP1zy82cTPG5Ngv6jiki2
N//VrSDtu+dZCfpqqW3ez6EPm7wrCBeO8zG5Dap8kl8HwclLvI/+IaAcPnR6i6Qg
yafYkpClalTC84OpSz3dAkmCGP9QpiCJCzP0U/T6Y4mQuBcW2dDAikJF1yC7vHna
gSOfbzQk7Vv3GYfyUKvnQwK24JgLOj6gYzyhxEOPXMHtiNTE1d0dGh7hJ/Kg5VWb
0uNDa1T44SFNCXa3MTafMrpQL2CPSAgZtJ9EHO3rab6lX2l6fct1clN0zWz8Lwbi
iA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAz7a+rPVDIWjds7pnu01b
+VMkNPsyRH//rMXYXDcgYoG4c+N3Ks0QZn4mH2q9wfiv5xBLQXYeFo3REEJwYGoE
rdZfYxRZwugve2Bn2TZPQw3c+Gr1Bn5AtdCmA9qg0ZQFUKSuhPJSZLFgIZ7IZoX4
X8UXReFCV2BJZeO5jby+tUfIfrIqegBIprfc4maPk0k0/tnL1WgLoK456QfS2N22
6C9npq+fGO7EWKbDXoYAlZt+rq3S2c4jjobRF4kyGKph0lAV46a6XCnaB8LowAyd
K6+H5NUS4qC/U5NeBhHT1+KGw/eabHaljg5hej7kjj6VEP7WvioBWmP1Lo5c16Uj
whWEV7wWFRh8mpYuI2jua1R7oAFod+Zjw9zZc07miGBpQxOzlSRfd86GmcTLMJat
uJ6tDhJUPhlCbRx+4q073vNbV0YLTtAwYxbYaxxrOkC/zRbOmBVtqCwX0Y8Lmq2j
GvJuKbLCwn6jS1arL+Y3gAo5mkZwqJ0zKQjLoZ8krHeCfkKir5LG15Glggqh0fCX
G/bPhmYktMJMkGMEOkFN3//cxRYxOGRejZ06TcbdabCPyoElYxO52hfrJ2hGWNNN
G5lKPAlmXwSX33P00yXCY8KuIUlDqOwvfpz07J4Wi4lxBu0DzjjiY37fMOO8RR7D
7zALoGal2fAzWtsJKUAb2gMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10599408951930063274456684912
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-16 08:45:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-19 08:45:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Brandenburg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Potsdam'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Helmholtz-Zentrum Potsdam - Deutsches GeoForschungsZentrum GFZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'eScience Centre'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'moses-dmp.gfz-potsdam.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 847398563673621096565441056370409474855331567270460389717633345710003684120115743333659375251662130702665040459169282724505887139822773629127740416744716875767309876945082689654737525983288448598791495915954050031362129672317252997566605788418871312895971104033561144435152033106073090697405069223428651516905663708614452122427397402665965811392940837957801331148113771322662933118464448121719805547866786372685122095795991710741576443190177322750650849288139550362725652477704781451581438837413924631099827914392691057603789741385498911134422309030810942211732954587927899436054594473310435007468026547143764399838620464152661366284460907751812910356812508158152868567773862838450972318813692697002291327636145035104565025577660439364412157944317173497834585414113590510459335959977312551024264781171671154952600214598323626499764523710374428986732477152395746522512867712316193064224422775516731752898332393609671206352689396266279184050273017427024609808348367656127965516309730456605671276941006338318035829691082203663994567336428355750706342222488089814924692941830222719853679777649822932893464678223030524314168695039824748256131712017837487348685074575157746738279588603268179081010630138702025203334567065622533636987017731
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							bac8b5351d8ef162c831664971d7b907aeeee9b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'moses-dmp.gfz-potsdam.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e1007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016fad8734ac000004030047304502204c56fa324b4166ec9d570f4ddcf60d81bb78ac18a56e34da792434a36cbc3c87022100b984f6edc4ab43ab1837dd0015fce791dcd85be4c0fb73b73ea82739d77d4962007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016fad8734e20000040300473045022100f9a5de6c1c9c4290451f13981a364cf8cb76c73012d40870a87aad1f9018ef3e02204c6739abd19dde738b9b12799474ebb3c973817ab3b0feb39eac48b973d818880077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016fad8734b90000040300483046022100e2cf84bcba348b5c46a784cca984d0763db6963a6b259fc68a2e165cc2144179022100c0a2f988f237a43c69b41858c3c0e69e9eca9e4b84753cce383d9aa6f07b2db40076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016fad8735bf0000040300473045022042ba20bba0b3f39e2d544a76c8068e372ee2f156e9f1b1b3ffcb2f811b04424c022100e378d0b6a9534777b2d061d667a87dcce882ea2d302310f2c9aa0eb590f17f1f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002cc4f357ea096e5230bf4cd805a320f56eeadaedaabfe0af2bb7b75cbdf3e69a0102041a7ba7094c4d59bb885418d4883f5cf2f367133c6e4d82fea38a48b637ffd5ad20edbbe75909fa6aa96ddecfa10f9bbc2b08178ef331b90daa7c925f07c1c94bbc8ffe21a01c3e747a8ba420c9a7d89290a56a54c2f383a94b3ddd02498218ff50a620890b33f453f4fa638990b81716d9d0c08a4245d720bbbc79da81239f6f3424ed5bf71987f250abe74302b6e0980b3a3ea0633ca1c4438f5cc1ed88d4c4d5dd1d1a1ee127f2a0e5559bd2e3436b54f8e1214d0976b731369f32ba502f608f480819b49f441cedeb69bea55f697a7dcb75725374cd6cfc2f06e288