inserieren.zeit.de
Issued by R3
About this certificate
This digital certificate with serial number 03:f7:27:e0:40:97:e1:f9:5a:eb:20:bd:97:40:09:b7:31:0a was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=inserieren.zeit.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:f7:27:e0:40:97:e1:f9:5a:eb:20:bd:97:40:09:b7:31:0aSerial Number (int): 345439606701192066688207302165821132321034
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4b:e2:f7:25:e9:54:6d:fd:2f:19:d6:31:d6:c6:49:ed:a1:62:56:02
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ec:d1:fc:ac:a4:4b:cc:a7:63:41:22:7f:4f:11:dd:f8:f2:a2:60:7b
Fingerprint (sha256): 09:f9:36:9c:f6:16:dc:28:ad:b7:e8:04:44:8c:47:0d:ed:c8:89:ad:88:8d:8c:3b:7c:b8:a1:e4:ff:68:09:16
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate inserieren.zeit.de
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for inserieren.zeit.de
Public Key Algorithm
RSA
Key Size
3072
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
admin.inserieren.zeit.de
api.inserieren.zeit.de
assets.inserieren.zeit.de
export.inserieren.zeit.de
inserieren.zeit.de
publisher.inserieren.zeit.de
api.inserieren.zeit.de
assets.inserieren.zeit.de
export.inserieren.zeit.de
inserieren.zeit.de
publisher.inserieren.zeit.de
Other certificates including the domain name zeit.de
(limited to 100 certificates)
dns-vetting1c.map.fastly.net
zeit.de
timetac.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
dev.academics.de
cmp.channelpartner.de
epaper.zeit.de
dns-vetting1j.map.fastly.net
inserieren-adpoint.zeit.de
g2.shared.global.fastly.net
newsletterversand.zeit.de
g2.shared.global.fastly.net
zeit.de
leserservice.zeit.de
g2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
timetacstatic.zeit.de
mailserverbdcas.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
timetac.zeit.de
boa.zeit.de
dns-vetting1j.map.fastly.net
ssl-proxy02.acme.zeit.de
verlag.zeit.de
g2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
shop.zeit.de
g2.shared.global.fastly.net
community-api.zeit.de
inserieren4.zeit.de
dns-vetting1c.map.fastly.net
srv-ts.zeit.de
g2.shared.global.fastly.net
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
avatars.zeit.de
www2.zeit.de
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
g2.shared.global.fastly.net
k8s-ext.zeit.de
verlag.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
spiele.zeit.de
dns-vetting1c.map.fastly.net
www.academics.de
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
b2.shared.global.fastly.net
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
z2x.zeit.de
b2.shared.global.fastly.net
prod.academics.de
b2.shared.global.fastly.net
verlag.zeit.de
dns-vetting1j.map.fastly.net
zeit.de
b2.shared.global.fastly.net
inserieren.zeit.de
g2.shared.global.fastly.net
b2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
chancenundkarriere.de
b2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
www2.zeit.de
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
inserieren4.zeit.de
verlag.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
community-admin.zeit.de
g2.shared.global.fastly.net
g2.shared.global.fastly.net
mailserverbdcas.zeit.de
herstellung.zeit.de
g2.shared.global.fastly.net
k8s-ext.zeit.de
g2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
openvpnas.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
timetacstatic.zeit.de
1pw-scim.zeit.de
inserieren4.zeit.de
g2.shared.global.fastly.net
parlamentsreden-backend.zeit.de
srv-fw-master.zeit.de
data-af9f3dfb33.zeit.de
zeit.de
timetac.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
dev.academics.de
cmp.channelpartner.de
epaper.zeit.de
dns-vetting1j.map.fastly.net
inserieren-adpoint.zeit.de
g2.shared.global.fastly.net
newsletterversand.zeit.de
g2.shared.global.fastly.net
zeit.de
leserservice.zeit.de
g2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
timetacstatic.zeit.de
mailserverbdcas.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
timetac.zeit.de
boa.zeit.de
dns-vetting1j.map.fastly.net
ssl-proxy02.acme.zeit.de
verlag.zeit.de
g2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
shop.zeit.de
g2.shared.global.fastly.net
community-api.zeit.de
inserieren4.zeit.de
dns-vetting1c.map.fastly.net
srv-ts.zeit.de
g2.shared.global.fastly.net
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
avatars.zeit.de
www2.zeit.de
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
g2.shared.global.fastly.net
k8s-ext.zeit.de
verlag.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
spiele.zeit.de
dns-vetting1c.map.fastly.net
www.academics.de
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
dns-vetting1j.map.fastly.net
b2.shared.global.fastly.net
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
z2x.zeit.de
b2.shared.global.fastly.net
prod.academics.de
b2.shared.global.fastly.net
verlag.zeit.de
dns-vetting1j.map.fastly.net
zeit.de
b2.shared.global.fastly.net
inserieren.zeit.de
g2.shared.global.fastly.net
b2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
chancenundkarriere.de
b2.shared.global.fastly.net
dns-vetting1j.map.fastly.net
www2.zeit.de
b2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
g2.shared.global.fastly.net
inserieren4.zeit.de
verlag.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
community-admin.zeit.de
g2.shared.global.fastly.net
g2.shared.global.fastly.net
mailserverbdcas.zeit.de
herstellung.zeit.de
g2.shared.global.fastly.net
k8s-ext.zeit.de
g2.shared.global.fastly.net
dns-vetting1-jeffg-noah.map.fastly.net
openvpnas.zeit.de
dns-vetting1-jeffg-noah.map.fastly.net
timetacstatic.zeit.de
1pw-scim.zeit.de
inserieren4.zeit.de
g2.shared.global.fastly.net
parlamentsreden-backend.zeit.de
srv-fw-master.zeit.de
data-af9f3dfb33.zeit.de
Certificate
The complete raw certificate details for inserieren.zeit.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgISA/cn4ECX4fla6yC9l0AJtzEKMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MDgxMjE3NDZaFw0yNDA4MDYxMjE3NDVaMB0xGzAZBgNVBAMT Emluc2VyaWVyZW4uemVpdC5kZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoC ggGBAMYK5YRBBLe6WI90sdm1O052AO8NE6jqBnyiNbuRr1w+iYpY4si8WIlVFDAO BiseTLReA/fl3mpWcaJt1nlmMX81Vx2l56fr6UJNIU2bbALEsqubPb+drVW+R2s6 AjllpR0t8tEyHLa21yhu8u4ayukSSuJxZt25iljGoIM0c+2ULGO0B0bw48xktQVN ocLvbi4gp7GKQBVRCs35ePSqXs69BUAD2tTWvLS+7crgnb7z7+XEhp1OmqfThOTJ GhMyM7LkHITLLzodSNN3IsyYsB3Ry0MTsg9lXvaZIMuQU746vd1eZ8aS8EVRpnNA mGWFHXczCRau7X+nJPRJ6fFgz1pWFa6z63IDaOUHlV4udSv5jO3o0wxbRikORkJ6 fdr0w3q3ctuSsOZCpNkbt+QzoJG/stzbsv36XHNhiXlDH//p5/qSH6Pnh1Fu285T JoNMgcXa4gKFpyYf2xgVO03rVigRQBWHExtHwCEl1DEMOHJhOYd4x+y5D9y3hnYp BP/POQIDAQABo4ICnTCCApkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRL4vcl6VRt /S8Z1jHWxkntoWJWAjAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBV BggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9y ZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzCBpQYDVR0RBIGd MIGaghhhZG1pbi5pbnNlcmllcmVuLnplaXQuZGWCFmFwaS5pbnNlcmllcmVuLnpl aXQuZGWCGWFzc2V0cy5pbnNlcmllcmVuLnplaXQuZGWCGWV4cG9ydC5pbnNlcmll cmVuLnplaXQuZGWCEmluc2VyaWVyZW4uemVpdC5kZYIccHVibGlzaGVyLmluc2Vy aWVyZW4uemVpdC5kZTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkC BAIEgfUEgfIA8AB2ABmYEHEJ8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTKAAAB j1haVs4AAAQDAEcwRQIgIIVv5wGeYQr8XWmMWIjXYKpYlgjRTVOESvP5k459egMC IQC8MYy4O8qV9zcEiriNl6+Jvnp5zFBqgSeyhkq1Ybaz6AB2AHb/iD8KtvuVUcJh zPWHujS0pM27KdxoQgqf5mdMWjp0AAABj1haVxcAAAQDAEcwRQIhALDua7CxW1JD a6Bf0j37b9gcBMH7ZY8O/bwfipHeWkO0AiB0fUdWKO0XIJJn9bUSzaAmu4oyLE0K Wqn21DNKUMkibDANBgkqhkiG9w0BAQsFAAOCAQEArIagwIrZhw0gBow6MkrNWT9t SAXW3RuJ+dGTjMjslKUbkJLiWQpY/yIV1hQPFXWEsYMIqk8Yb434etFcni0p0ceV LgGnVx1AQ733893u4gpjsCz+I2KJcPib9QOk5fOW/N9DNZ5udsNoxge1iWMCY5EC qQfTz5XeGs78Q8+Cxarq6I7na4L5oJ3HfxCNlHCIokZJgiJRk0dfMoi62561YNMU ns711J7kkNheg0S/aKPCpxgMOwumbclW7cu3aT09yablbeSWwL3DBf43PSjBhIpn zYUUAQ/sS6iGXjKixlYyqhwyzL9lfsHwzQjSmlDGglKeBdbF4xKbUy0q3Vwubw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxgrlhEEEt7pYj3Sx2bU7 TnYA7w0TqOoGfKI1u5GvXD6JiljiyLxYiVUUMA4GKx5MtF4D9+XealZxom3WeWYx fzVXHaXnp+vpQk0hTZtsAsSyq5s9v52tVb5HazoCOWWlHS3y0TIctrbXKG7y7hrK 6RJK4nFm3bmKWMaggzRz7ZQsY7QHRvDjzGS1BU2hwu9uLiCnsYpAFVEKzfl49Kpe zr0FQAPa1Na8tL7tyuCdvvPv5cSGnU6ap9OE5MkaEzIzsuQchMsvOh1I03cizJiw HdHLQxOyD2Ve9pkgy5BTvjq93V5nxpLwRVGmc0CYZYUddzMJFq7tf6ck9Enp8WDP WlYVrrPrcgNo5QeVXi51K/mM7ejTDFtGKQ5GQnp92vTDerdy25Kw5kKk2Ru35DOg kb+y3Nuy/fpcc2GJeUMf/+nn+pIfo+eHUW7bzlMmg0yBxdriAoWnJh/bGBU7TetW KBFAFYcTG0fAISXUMQw4cmE5h3jH7LkP3LeGdikE/885AgMBAAE= -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 345439606701192066688207302165821132321034 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-08 12:17:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-06 12:17:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'inserieren.zeit.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 4494333089467935913777457162356012812938556139237661556310603224177067513957897706541204416720930244341942110512713962948798323842882340577005223217279657778291127039256381719722481998021452458933902069359419536641625504669282199292207885454300368505822177106391021363865719840834408981137748600761982054476022854230315162375833306363412220794271147051283839082330621752922388166405154217368708164069339767554845414657918729197783798563927029114026580558813469102546725662465312592318758737263692693489052838695676051622133859279574030102063892472285642357901874939384921791802711553003361947946554149189417335322021470606057986613473459834017501725538789944863657095267938729986002234013732841582097958173043382662792036125815145298452611604605072461792641461650997846941813167343525602616851524651257846410572985373199369172024872484898077375237143028957263219166703700313773822806990082056313938369683996262025584229470009 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4be2f725e9546dfd2f19d631d6c649eda1625602 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (157 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.inserieren.zeit.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.inserieren.zeit.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.inserieren.zeit.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'export.inserieren.zeit.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inserieren.zeit.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'publisher.inserieren.zeit.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f585a56ce0000040300473045022020856fe7019e610afc5d698c5888d760aa589608d14d53844af3f9938e7d7a03022100bc318cb83bca95f737048ab88d97af89be7a79cc506a8127b2864ab561b6b3e800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018f585a57170000040300473045022100b0ee6bb0b15b52436ba05fd23dfb6fd81c04c1fb658f0efdbc1f8a91de5a43b40220747d475628ed17209267f5b512cda026bb8a322c4d0a5aa9f6d4334a50c9226c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00ac86a0c08ad9870d20068c3a324acd593f6d4805d6dd1b89f9d1938cc8ec94a51b9092e2590a58ff2215d6140f157584b18308aa4f186f8df87ad15c9e2d29d1c7952e01a7571d4043bdf7f3ddeee20a63b02cfe23628970f89bf503a4e5f396fcdf43359e6e76c368c607b5896302639102a907d3cf95de1acefc43cf82c5aaeae88ee76b82f9a09dc77f108d947088a2464982225193475f3288badb9eb560d3149ecef5d49ee490d85e8344bf68a3c2a7180c3b0ba66dc956edcbb7693d3dc9a6e56de496c0bdc305fe373d28c1848a67cd8514010fec4ba8865e32a2c65632aa1c32ccbf657ec1f0cd08d29a50c682529e05d6c5e3129b532d2add5c2e6f