sp-ad2.ad.rbb-online.de
- Rundfunk Berlin-Brandenburg -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 25:62:d6:93:a4:72:d3:8f:17:a5:1a:12 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Rundfunk Berlin-Brandenburg
Organization:
Rundfunk Berlin-Brandenburg
Organization unit: HA MIT
Organization unit: HA MIT
State / Province:
Berlin
Locality: Berlin
Country: DE
Locality: Berlin
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 25:62:d6:93:a4:72:d3:8f:17:a5:1a:12Serial Number (int): 11570433403660480322413599250
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: 72:65:0e:bc:c7:8a:b5:81:36:41:97:11:a2:d8:bf:de:44:b6:02:db
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): a7:cb:d4:d7:ec:da:08:f3:f9:19:ae:66:87:6d:a1:bb:ab:3e:5e:56
Fingerprint (sha256): 0c:fd:79:3f:c8:83:64:3d:4c:cb:2f:04:e6:d8:6f:dc:a7:00:62:55:93:37:76:41:8c:3b:2f:73:65:bb:ac:8e
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate sp-ad2.ad.rbb-online.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sp-ad2.ad.rbb-online.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sp-ad2.ad.rbb-online.de
Other certificates including the domain name rbb-online.de
(limited to 100 certificates)
evo-s0.rbb-online.de
mi-vsp02.rbb-online.de
distribution-status.rbb-online.de
sf-ad1.ad.rbb-online.de
ref.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sp-ttximport02.rbb-online.de
mi-s4-1.rbb-online.de
sp-vcrpad02.rbb-online.de
sp-view01.ad.rbb-online.de
presseservice.rbb-online.de
rbbot1ev1.rbb-online.de
ttool-extern.rbb-online.de
ref-s0.w3.rbb-online.de
sp-wsa01-p1.rbb-online.de
mediathek-origin.rbb-online.de
intranet-s0.rbb-online.de
distribution-status.rbb-online.de
mimo.rbb-online.de
munki.rbb-online.de
ndr-news.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sf-ad1.ad.rbb-online.de
sp-fmc01.rbb-online.de
rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
i-doit-i.rbb-online.de
rbblog.rbb-online.de
distribution-status.rbb-online.de
sts.rbb-online.de
evo-p-awx.rbb-online.de
lodoas03.rbb-online.de
sp-im02.rbb-online.de
data.rbb-online.de
sp-ise01.rbb-online.de
sp-dsp-prod01.ad.rbb-online.de
webdoku.rbb-online.de
mi-5.rbb-online.de
webapplog.rbb-online.de
data-vis.rbb-online.de
sp-webdav01.ad.rbb-online.de
smr.rbb-online.de
m-relayb02i.rbb-online.de
rbb-online.de
rbb-online.de
m-relayp02i.rbb-online.de
sp-ttximport02.rbb-online.de
distribution-status.rbb-online.de
m-relayb02.rbb-online.de
distribution-status.rbb-online.de
ip-mgmt.rbb-online.de
ucmobile.rbb-online.de
sb-ad3.ad.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
sb-osuca01.rbb-online.de
entree-b.rbb-online.de
medienbroker.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
docs.rbb-online.de
evo-static.rbb-online.de
rbb-online.de
sc-ad1.ad.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
ptp-gm-b.rbb-online.de
rmsext.rbb-online.de
rbb-online.de
mi-s3-1.rbb-online.de
sp-ad4.ad.rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
mond-mk.rbb-online.de
orbitdvb41.rbb-online.de
birddoghrstatus.paradox.ai
evo-t1.rbb-online.de
rbb-online.de
sb-aks-dpe00.ad.rbb-online.de
evo-p-fusion.rbb-online.de
evo-data.rbb-online.de
rbb-mon.rbb-online.de
webdoku.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
sb-ise01.rbb-online.de
sp-cpi02.rbb-online.de
entree-b.rbb-online.de
entree-p.rbb-online.de
sb-tipath01.rbb-online.de
sp-ise01.rbb-online.de
sp-mon-mk1.rbb-online.de
entree-b.rbb-online.de
rbb-online.de
meine-antenne.rbb-online.de
mi-vsp02.rbb-online.de
distribution-status.rbb-online.de
sf-ad1.ad.rbb-online.de
ref.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sp-ttximport02.rbb-online.de
mi-s4-1.rbb-online.de
sp-vcrpad02.rbb-online.de
sp-view01.ad.rbb-online.de
presseservice.rbb-online.de
rbbot1ev1.rbb-online.de
ttool-extern.rbb-online.de
ref-s0.w3.rbb-online.de
sp-wsa01-p1.rbb-online.de
mediathek-origin.rbb-online.de
intranet-s0.rbb-online.de
distribution-status.rbb-online.de
mimo.rbb-online.de
munki.rbb-online.de
ndr-news.rbb-online.de
rbb-online.de
sp-ad2.ad.rbb-online.de
sf-ad1.ad.rbb-online.de
sp-fmc01.rbb-online.de
rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
i-doit-i.rbb-online.de
rbblog.rbb-online.de
distribution-status.rbb-online.de
sts.rbb-online.de
evo-p-awx.rbb-online.de
lodoas03.rbb-online.de
sp-im02.rbb-online.de
data.rbb-online.de
sp-ise01.rbb-online.de
sp-dsp-prod01.ad.rbb-online.de
webdoku.rbb-online.de
mi-5.rbb-online.de
webapplog.rbb-online.de
data-vis.rbb-online.de
sp-webdav01.ad.rbb-online.de
smr.rbb-online.de
m-relayb02i.rbb-online.de
rbb-online.de
rbb-online.de
m-relayp02i.rbb-online.de
sp-ttximport02.rbb-online.de
distribution-status.rbb-online.de
m-relayb02.rbb-online.de
distribution-status.rbb-online.de
ip-mgmt.rbb-online.de
ucmobile.rbb-online.de
sb-ad3.ad.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
sb-osuca01.rbb-online.de
entree-b.rbb-online.de
medienbroker.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
distribution-status.rbb-online.de
docs.rbb-online.de
evo-static.rbb-online.de
rbb-online.de
sc-ad1.ad.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
ptp-gm-b.rbb-online.de
rmsext.rbb-online.de
rbb-online.de
mi-s3-1.rbb-online.de
sp-ad4.ad.rbb-online.de
pcp.rbb-online.de
distribution-status.rbb-online.de
mond-mk.rbb-online.de
orbitdvb41.rbb-online.de
birddoghrstatus.paradox.ai
evo-t1.rbb-online.de
rbb-online.de
sb-aks-dpe00.ad.rbb-online.de
evo-p-fusion.rbb-online.de
evo-data.rbb-online.de
rbb-mon.rbb-online.de
webdoku.rbb-online.de
rbb-online.de
distribution-status.rbb-online.de
sb-ise01.rbb-online.de
sp-cpi02.rbb-online.de
entree-b.rbb-online.de
entree-p.rbb-online.de
sb-tipath01.rbb-online.de
sp-ise01.rbb-online.de
sp-mon-mk1.rbb-online.de
entree-b.rbb-online.de
rbb-online.de
meine-antenne.rbb-online.de
Certificate
The complete raw certificate details for sp-ad2.ad.rbb-online.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHHTCCBgWgAwIBAgIMJWLWk6Ry048XpRoSMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIx MDkxNjE0NDczM1oXDTIyMTAxNzE0NDczM1owgYgxCzAJBgNVBAYTAkRFMQ8wDQYD VQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEkMCIGA1UECgwbUnVuZGZ1bmsg QmVybGluLUJyYW5kZW5idXJnMQ8wDQYDVQQLDAZIQSBNSVQxIDAeBgNVBAMMF3Nw LWFkMi5hZC5yYmItb25saW5lLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC CgKCAgEAtwUVMM/8T34abbOdxV74SgGVHeLaO1LwkT34kzWnF5colnjlNd2wOO+2 zqfkhTD8nbzfM0AbF9vzbgqj1XUZUF9Jx0pRmeBbeu433OAbBQCh9qgEhIfkFAh4 HvA2I1na4MeDHwddIB1XDoGUJtW94DgWKXm8335GdenjrhZbRjieXss4YTYbS8+q kQ2+SnMccFirmzpXi7+ClsE7BEWYjj98qVvA6fZ6bIwZhCBe/8hB95aBdkzf6az+ mPqbMYI0FzU17Y6kBJmNmSCXiqbcYbYJyrR2WYjccv2NXUpUpjvyrtlfBsyqLCTM D75tyQx3StTXqbOO24vhCMhXnUy6yyZbaBGDsUBa5tgXHq2DLcNQEWjWto/wUTE1 RNc9juT3Qk1LhmWkl75Pi0UxeTbyvePsNrNHAR0C1Ps77isG3/xLCpj3ODNjDsHZ 9m96KiAw9lD273kzl7r4pm8PNNR11t9mTwzITwxetMEN8Okg+TVKYoDc+9CgQRjH Hx9PDKRyh6OugdiyWG4DM4LWRzgXu4TPcXivv9wDS8T//oqW+tLy3yXV476IT/2c F3/J9Pf/MtcJY7yRre20CMdT6zU7OjWIWMNEi4V4QAA3pr9BniR5ZFpNcX0+jyCb hofZQioe3lDn/v6i+r5cpfPxWhGKG8q6ocAM8L8eOyEzYh7Ux48CAwEAAaOCAn4w ggJ6MFcGA1UdIARQME4wCAYGZ4EMAQICMA0GCysGAQQBga0hgiweMA8GDSsGAQQB ga0hgiwBAQQwEAYOKwYBBAGBrSGCLAEBBAkwEAYOKwYBBAGBrSGCLAIBBAkwCQYD VR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG AQUFBwMBMB0GA1UdDgQWBBRyZQ68x4q1gTZBlxGi2L/eRLYC2zAfBgNVHSMEGDAW gBRrOpiL+fJTidrgrbIyHgkf6Ko7dDAiBgNVHREEGzAZghdzcC1hZDIuYWQucmJi LW9ubGluZS5kZTCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY2RwMS5wY2Eu ZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmwwP6A9oDuG OWh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3Js L2NhY3JsLmNybDCB2wYIKwYBBQUHAQEEgc4wgcswMwYIKwYBBQUHMAGGJ2h0dHA6 Ly9vY3NwLnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBJBggrBgEFBQcwAoY9 aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNl cnQvY2FjZXJ0LmNydDBJBggrBgEFBQcwAoY9aHR0cDovL2NkcDIucGNhLmRmbi5k ZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDATBgorBgEE AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY7Pp8/prowHSk+IbaBcA JK3k+m2y0bxbwBHesw28f4K8ff7P6uKLCxQH7xqBo6prowFRP9+e1nzydVXoEw1l 5TsEGTG3nXUjTND5siqTNaIDuSOLaRtYamfEo1EcqTPIF8UDe+YI6k1uR0+dzgVA 2Ah3LK1ZUH8EYC7KxHyIK6/URJYs3AxnLD4luSSD9djQ4I4KP92o7mZi5PW5kUAl laXt3wM2eA67MG0PI+k/ZEkGoGz1YmfkWyOZ6wJrU/OcREpjYHhPr8A4QIj6HXOv ozRrzBSpcMUaEp8FygNe1h8ncw/PGTAdJtPjv433yDFsl7YaRlrmiH38uNgX3V+S pw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtwUVMM/8T34abbOdxV74 SgGVHeLaO1LwkT34kzWnF5colnjlNd2wOO+2zqfkhTD8nbzfM0AbF9vzbgqj1XUZ UF9Jx0pRmeBbeu433OAbBQCh9qgEhIfkFAh4HvA2I1na4MeDHwddIB1XDoGUJtW9 4DgWKXm8335GdenjrhZbRjieXss4YTYbS8+qkQ2+SnMccFirmzpXi7+ClsE7BEWY jj98qVvA6fZ6bIwZhCBe/8hB95aBdkzf6az+mPqbMYI0FzU17Y6kBJmNmSCXiqbc YbYJyrR2WYjccv2NXUpUpjvyrtlfBsyqLCTMD75tyQx3StTXqbOO24vhCMhXnUy6 yyZbaBGDsUBa5tgXHq2DLcNQEWjWto/wUTE1RNc9juT3Qk1LhmWkl75Pi0UxeTby vePsNrNHAR0C1Ps77isG3/xLCpj3ODNjDsHZ9m96KiAw9lD273kzl7r4pm8PNNR1 1t9mTwzITwxetMEN8Okg+TVKYoDc+9CgQRjHHx9PDKRyh6OugdiyWG4DM4LWRzgX u4TPcXivv9wDS8T//oqW+tLy3yXV476IT/2cF3/J9Pf/MtcJY7yRre20CMdT6zU7 OjWIWMNEi4V4QAA3pr9BniR5ZFpNcX0+jyCbhofZQioe3lDn/v6i+r5cpfPxWhGK G8q6ocAM8L8eOyEzYh7Ux48CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11570433403660480322413599250 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-16 14:47:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-17 14:47:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rundfunk Berlin-Brandenburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'HA MIT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'sp-ad2.ad.rbb-online.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 746655864124394493101811215866589621384577074736076225382582639310300610588358016131111719395795922250783773517635971465011442892798708114801415554828595903405576631422242288127448488976761481121795787220914387243919492971928208952770246140507684509109903196561911129281855098222100059259590648451114912142286373815993354101966102648044553840030607796670812081176854637891001648854897489505129693418048123401277017614446011309454627501932851023636261873342154623229958696618902239789273160885481770284684449924535958029143381989364833420397050732295848383644107029402672963361675153378717346140192265953736471783921858217301575211857701894502782634213405564065678876075317073582449084904038672764480663577940815499310593498616607553942452186498112931131444317556464325161504151411557497827236365289512305782524696751317635716741993571060565830187795714715697673222496443818190137357408124133672441548827531751921878511747329315381790624248547961440172902545059037960801432789376797980734452428114220589939631572792819348591843815696149554342930628648559587893674122015473029765409756109126711742990856392409082597975041927080229477466679848904252806854770366343067217042423210967349255405211657777881899954619588041871951733579892623 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 72650ebcc78ab58136419711a2d8bfde44b602db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sp-ad2.ad.rbb-online.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0063b3e9f3fa6ba301d293e21b68170024ade4fa6db2d1bc5bc011deb30dbc7f82bc7dfecfeae28b0b1407ef1a81a3aa6ba301513fdf9ed67cf27555e8130d65e53b041931b79d75234cd0f9b22a9335a203b9238b691b586a67c4a3511ca933c817c5037be608ea4d6e474f9dce0540d808772cad59507f04602ecac47c882bafd444962cdc0c672c3e25b92483f5d8d0e08e0a3fdda8ee6662e4f5b991402595a5eddf0336780ebb306d0f23e93f644906a06cf56267e45b2399eb026b53f39c444a6360784fafc0384088fa1d73afa3346bcc14a970c51a129f05ca035ed61f27730fcf19301d26d3e3bf8df7c8316c97b61a465ae6887dfcb8d817dd5f92a7