pfp-lb01.nas.lrz.de
- Bayerische Akademie der Wissenschaften -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 25:3c:35:d2:d5:af:93:00:f7:df:61:94 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bayerische Akademie der Wissenschaften
Organization:
Bayerische Akademie der Wissenschaften
Organization unit: Leibniz-Rechenzentrum
Organization unit: Leibniz-Rechenzentrum
State / Province:
Bayern
Locality: Garching b. Muenchen
Country: DE
Locality: Garching b. Muenchen
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 25:3c:35:d2:d5:af:93:00:f7:df:61:94Serial Number (int): 11523735087204180146872344980
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: 8a:8c:19:00:b8:e6:9d:08:6e:4b:08:db:e7:9e:13:14:d1:0a:c4:73
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): a8:4c:3d:bf:b5:d5:64:48:ac:2c:08:52:4a:c4:35:00:97:3e:a9:43
Fingerprint (sha256): 10:0f:0b:f7:9c:61:89:2f:e3:1e:c6:d8:ce:4a:3e:b8:50:91:1c:ba:ff:fc:db:fe:ef:d1:8c:37:fd:49:d0:bb
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate pfp-lb01.nas.lrz.de
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pfp-lb01.nas.lrz.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pfp-lb01.nas.lrz.de
pfp-lb02.nas.lrz.de
pfp-lb03.nas.lrz.de
pfp-lb04.nas.lrz.de
pfp-lb05.nas.lrz.de
pfp-lb06.nas.lrz.de
pfp-lb02.nas.lrz.de
pfp-lb03.nas.lrz.de
pfp-lb04.nas.lrz.de
pfp-lb05.nas.lrz.de
pfp-lb06.nas.lrz.de
Other certificates including the domain name lrz.de
(limited to 100 certificates)
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
dss05xcat1.dss.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
dss05xcat1.dss.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
Certificate
The complete raw certificate details for pfp-lb01.nas.lrz.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGqDCCBZCgAwIBAgIMJTw10tWvkwD332GUMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIx MDgxODA3MzUzM1oXDTIyMDkxODA3MzUzM1owgawxCzAJBgNVBAYTAkRFMQ8wDQYD VQQIDAZCYXllcm4xHTAbBgNVBAcMFEdhcmNoaW5nIGIuIE11ZW5jaGVuMS8wLQYD VQQKDCZCYXllcmlzY2hlIEFrYWRlbWllIGRlciBXaXNzZW5zY2hhZnRlbjEeMBwG A1UECwwVTGVpYm5pei1SZWNoZW56ZW50cnVtMRwwGgYDVQQDDBNwZnAtbGIwMS5u YXMubHJ6LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vIq4gGd /3EZw0UFZqvcbhMUGhjZ5SMtyFAeby8BCWr4sAVFOVpl/zuJNaPbFJGbpDdWFf2M Wqg2l5THCC9cR6hvDqQhnbdu+bOAH61JYYSsFh6Q3BqE4jsu5Nqh/mi/UUVcfN6c xJX42uYYUbVQvMCQ1pZ6L5vIZlFuY8VkSVmDPsCHipFYKJzyytkstyz6jLAc7PP3 9cOP+NKGmyPjP8XCCx/SPRWHzJYUnmucSCyb0GVxMkKBLJVOjkEhhZrDQE6HMboU 08StOf+N67vZODce32CD0YbvklS20PG57yb9NMaUvC/1aEldFL3s8DW8/JSYr8gs 4g/KEQX2Gym58QIDAQABo4IC5TCCAuEwVwYDVR0gBFAwTjAIBgZngQwBAgIwDQYL KwYBBAGBrSGCLB4wDwYNKwYBBAGBrSGCLAEBBDAQBg4rBgEEAYGtIYIsAQEECTAQ Bg4rBgEEAYGtIYIsAgEECTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFIqMGQC45p0IbksI 2+eeExTRCsRzMB8GA1UdIwQYMBaAFGs6mIv58lOJ2uCtsjIeCR/oqjt0MIGIBgNV HREEgYAwfoITcGZwLWxiMDEubmFzLmxyei5kZYITcGZwLWxiMDIubmFzLmxyei5k ZYITcGZwLWxiMDMubmFzLmxyei5kZYITcGZwLWxiMDQubmFzLmxyei5kZYITcGZw LWxiMDUubmFzLmxyei5kZYITcGZwLWxiMDYubmFzLmxyei5kZTCBjQYDVR0fBIGF MIGCMD+gPaA7hjlodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwt ZzIvcHViL2NybC9jYWNybC5jcmwwP6A9oDuGOWh0dHA6Ly9jZHAyLnBjYS5kZm4u ZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3JsL2NhY3JsLmNybDCB2wYIKwYBBQUH AQEEgc4wgcswMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NT UC1TZXJ2ZXIvT0NTUDBJBggrBgEFBQcwAoY9aHR0cDovL2NkcDEucGNhLmRmbi5k ZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBJBggrBgEF BQcwAoY9aHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1 Yi9jYWNlcnQvY2FjZXJ0LmNydDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG 9w0BAQsFAAOCAQEAkCv1c8yGcA55tEXrG5vxf4fWEG44G+Ep4DgemH3GnvLO98zJ kHLOsDPI9wPi86efJCi1wvmhuXn50UbpOPxywuCsiTX1CQc2i9wmo6XNCoMul91o q7RXQJ5VpOWMoiTjxogCVFLwDeZ0sCdQZazLwX+dxAXZBD0SDixZ0hFA1UQ2Axz2 Ol9miuGYzzSWy/jb4nRGadoTcOfIb6TmY/mG+Zi4HmKDCo2ECr8pmQMYHO4YOqGd 0QhUMyNsdBwH2QJK5s9aHqoYlaf2jFPGbhOM1L3s8a0ECmgZjEW6LVJI6VuBxwY+ bH87h2BzreYBecu+OhE7wbA9k3hrNjWjTajkwQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vIq4gGd/3EZw0UFZqvc bhMUGhjZ5SMtyFAeby8BCWr4sAVFOVpl/zuJNaPbFJGbpDdWFf2MWqg2l5THCC9c R6hvDqQhnbdu+bOAH61JYYSsFh6Q3BqE4jsu5Nqh/mi/UUVcfN6cxJX42uYYUbVQ vMCQ1pZ6L5vIZlFuY8VkSVmDPsCHipFYKJzyytkstyz6jLAc7PP39cOP+NKGmyPj P8XCCx/SPRWHzJYUnmucSCyb0GVxMkKBLJVOjkEhhZrDQE6HMboU08StOf+N67vZ ODce32CD0YbvklS20PG57yb9NMaUvC/1aEldFL3s8DW8/JSYr8gs4g/KEQX2Gym5 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11523735087204180146872344980 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-18 07:35:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-18 07:35:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Garching b. Muenchen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bayerische Akademie der Wissenschaften' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Leibniz-Rechenzentrum' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'pfp-lb01.nas.lrz.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27639367733057544209129034147514766909084017613016585853331878613493276470548963654286089933909713622112293640952129152901995892590582587992832634055158681611711284079367221872346390058096877951486649725540317996348274573093102576562876483966294552794345414502625457106794383148441723553633824907648595453312844722438279453525915560470939388905297127537642709089729587742286901819078032808941266261626761814445657491284214659669445637439513006752484027524499324379614765245140683209682360927517024120374439092421794976018440432638652099328981336953563710463253466399817719899630800691104442769823688109208873663576561 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8a8c1900b8e69d086e4b08dbe79e1314d10ac473 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (128 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfp-lb01.nas.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfp-lb02.nas.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfp-lb03.nas.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfp-lb04.nas.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfp-lb05.nas.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfp-lb06.nas.lrz.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00902bf573cc86700e79b445eb1b9bf17f87d6106e381be129e0381e987dc69ef2cef7ccc99072ceb033c8f703e2f3a79f2428b5c2f9a1b979f9d146e938fc72c2e0ac8935f50907368bdc26a3a5cd0a832e97dd68abb457409e55a4e58ca224e3c688025452f00de674b0275065accbc17f9dc405d9043d120e2c59d21140d54436031cf63a5f668ae198cf3496cbf8dbe2744669da1370e7c86fa4e663f986f998b81e62830a8d840abf299903181cee183aa19dd1085433236c741c07d9024ae6cf5a1eaa1895a7f68c53c66e138cd4bdecf1ad040a68198c45ba2d5248e95b81c7063e6c7f3b876073ade60179cbbe3a113bc1b03d93786b3635a34da8e4c1