dsa02r01s01hsm.dss.lrz.de
- Bayerische Akademie der Wissenschaften -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 25:d7:af:8c:0a:9f:80:d8:41:87:e0:47 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bayerische Akademie der Wissenschaften
Organization:
Bayerische Akademie der Wissenschaften
Organization unit: Leibniz-Rechenzentrum
Organization unit: Leibniz-Rechenzentrum
State / Province:
Bayern
Locality: Garching b. Muenchen
Country: DE
Locality: Garching b. Muenchen
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 25:d7:af:8c:0a:9f:80:d8:41:87:e0:47Serial Number (int): 11711693412051057450605338695
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: b2:84:a8:46:3b:21:cd:30:08:3e:94:28:b5:84:ac:74:6d:7a:42:db
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): 72:92:1e:74:83:93:d7:f1:b8:80:21:36:e6:c3:28:6d:67:2f:e5:69
Fingerprint (sha256): 10:27:e2:36:a2:98:27:3d:86:83:2a:cc:5f:30:84:cc:66:21:44:cb:ff:1f:65:80:da:34:fe:ad:95:09:1c:3b
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate dsa02r01s01hsm.dss.lrz.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dsa02r01s01hsm.dss.lrz.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dsa2r01s01hsm.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
Other certificates including the domain name lrz.de
(limited to 100 certificates)
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
wwwv1.mwn.de
itsm.srv.lrz.de
wwwv1.mwn.de
wanda.test.lrz.de
publikationen.badw.de
wwwv1.mwn.de
tumidp.lrz.de
simsrv02.sim.lrz.de
v2cweb.srv.lrz.de
lists.lrz.de
ext-fw4-a.fw.lrz.de
publikationen.badw.de
asa01.lrz.de
syshlb.nas.lrz.de
dss05r01s40srv.dss.lrz.de
asa5k08.netz.lrz.de
lxmhs84.srv.lrz.de
wwwv1.mwn.de
debdev-anja1.dev.lrz.de
ts.lrz.de
pbx.voip.lrz.de
lrzidp.lrz.de
rv.lrz.de
badwlrz-swmbx09.lom.lrz.de
xin.srv.lrz.de
asa11.lrz.de
dss01xcat1.dss.lrz.de
publikationen.badw.de
asa-beta.lrz.de
debrtc.srv.lrz.de
node3.rv.lrz.de
wwwv1.mwn.de
badwlrz-slomd.srv.lrz.de
wwwv1.mwn.de
wanda-meet.test.lrz.de
c2papcosmosim.uc.lrz.de
badwlrz-swiet6.ads.mwn.de
simzbvw1.sim.lrz.de
cmdb.srv.lrz.de
earth.terrabyte.lrz.de
idmportal.lrz.de
badwlrz-slfism.srv.lrz.de
badwlrz-swccsv1.ads.mwn.de
pfp-doc02ext.nas.lrz.de
simsrv16.sim.lrz.de
video.lrz.de
datdssnsd05.dss.lrz.de
wwwv1.mwn.de
badwlrz-cw36408.lrz.de
gitlab.lrz.de
wwwv1.mwn.de
jabber-test.srv.lrz.de
idsrv.sim.lrz.de
simws.sim.lrz.de
web.nas.lrz.de
asa03.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
liesl-backend.srv.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
wwwv1.mwn.de
www.dss.lrz.de
dss01r02s28srv.dss.lrz.de
c2papcosmosim.uc.lrz.de
splunk.srv.lrz.de
pfp-lb01.nas.lrz.de
datdssnsd05.dss.lrz.de
dsa02r01s01hsm.dss.lrz.de
c2papcosmosim.uc.lrz.de
wwwv1.mwn.de
dsa01r10s01hsm.dss.lrz.de
dns-mgmt.srv.lrz.de
v2cweb.srv.lrz.de
wwwv1.mwn.de
lmuidp.lrz.de
wwwv1.mwn.de
wwwv1.mwn.de
hpbe15oa1.lom.lrz.de
dsa02r01s01hsm.dss.lrz.de
wwwv1.mwn.de
publikationen.badw.de
wwwv1.mwn.de
dss01r03s28srv.dss.lrz.de
studlmu.lrz.de
wwwv1.mwn.de
sl.supermuc.bayern
lrz-gcsjards.srv.lrz.de
badwlrz-twiet53.ads.mwn.de
mailrelay1.lrz.de
wwwv18.lrz.de
netapp-harvest03.nas.lrz.de
xmail.mwn.de
hummel.web.lrz.de
se-dev-demo1.srv.lrz.de
pfed-lb01.nas.lrz.de
pfp-lb04.nas.lrz.de
roundcube.lrz.de
nomad.srv.lrz.de
wwwv1.mwn.de
Certificate
The complete raw certificate details for dsa02r01s01hsm.dss.lrz.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYzCCBUugAwIBAgIMJdevjAqfgNhBh+BHMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIx MTIxNDA1NTYxNVoXDTIzMDExNDA1NTYxNVowgbIxCzAJBgNVBAYTAkRFMQ8wDQYD VQQIDAZCYXllcm4xHTAbBgNVBAcMFEdhcmNoaW5nIGIuIE11ZW5jaGVuMS8wLQYD VQQKDCZCYXllcmlzY2hlIEFrYWRlbWllIGRlciBXaXNzZW5zY2hhZnRlbjEeMBwG A1UECwwVTGVpYm5pei1SZWNoZW56ZW50cnVtMSIwIAYDVQQDDBlkc2EwMnIwMXMw MWhzbS5kc3MubHJ6LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 5AJ0WC1gdSE4ntrTelbLhOgShv5M0FcclN94IiY+Sm9QzyiPtYPkIWLklQXhdkvh irtLMX1/Z6c0sEIhnkZ6M58Cnsugct0/jexDC2fEDpbDvtoCc0z09/3yddYT28B7 UjjedaoMFJ6gOVD25URPSpi8VZwrx0QLfpdltGlxFEjgzP7yLFcORR/2MSTz8OXj zNl0HPlaPz6AvFVKZO1Le2fHSFxx5TbOKJWzMuZ8qMsivoDvdKMr3mcjtRw6dtR5 EMhoGmMb5GHzSzqu0fCWnCFbyUMTlHxYD80aFP0t2pf91UXOCNd83SfNLbpqaA6U xKTOXFaohcgP8gXLKJLg9wIDAQABo4ICmjCCApYwHQYDVR0lBBYwFAYIKwYBBQUH AwIGCCsGAQUFBwMBMFcGA1UdIARQME4wCAYGZ4EMAQICMA0GCysGAQQBga0hgiwe MA8GDSsGAQQBga0hgiwBAQQwEAYOKwYBBAGBrSGCLAEBBAowEAYOKwYBBAGBrSGC LAIBBAowCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYEFLKEqEY7 Ic0wCD6UKLWErHRtekLbMB8GA1UdIwQYMBaAFGs6mIv58lOJ2uCtsjIeCR/oqjt0 MD4GA1UdEQQ3MDWCGGRzYTJyMDFzMDFoc20uZHNzLmxyei5kZYIZZHNhMDJyMDFz MDFoc20uZHNzLmxyei5kZTCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY2Rw MS5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmww P6A9oDuGOWh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9w dWIvY3JsL2NhY3JsLmNybDCB2wYIKwYBBQUHAQEEgc4wgcswMwYIKwYBBQUHMAGG J2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBJBggrBgEF BQcwAoY9aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1 Yi9jYWNlcnQvY2FjZXJ0LmNydDBJBggrBgEFBQcwAoY9aHR0cDovL2NkcDIucGNh LmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDAT BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdjKmDQ9PkA3W KksGqVXBPoP8o/f6kY3u5kxNfSeEX4dl/DOa+YGESKKUo5IaqCoK8cPl29T/h903 NcHS5QT3y/k0OhxMwfVDt3PXgHM/p9Xu5ZhTxg4pzOCchEtU6oTT4fKUkCEsx+yY 2TInI+8c8leWIem+SoLhPWJnWxvArX/kWYNZAXX9UqAmmeVVo5KmfXlI8p23BPtg R6UQUvS2xAGaqRFhAlM2lEeuVACM6wVpDyuI21LltLLrLiPaqaBKUH5HTNn6UgXn gep26Kg450igw13GgIIjnrbuvQH53J+WYjYa1lkdz9/Skf7nRaqMesmBwj4rvgsx CcbFIyDVIw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AJ0WC1gdSE4ntrTelbL hOgShv5M0FcclN94IiY+Sm9QzyiPtYPkIWLklQXhdkvhirtLMX1/Z6c0sEIhnkZ6 M58Cnsugct0/jexDC2fEDpbDvtoCc0z09/3yddYT28B7UjjedaoMFJ6gOVD25URP Spi8VZwrx0QLfpdltGlxFEjgzP7yLFcORR/2MSTz8OXjzNl0HPlaPz6AvFVKZO1L e2fHSFxx5TbOKJWzMuZ8qMsivoDvdKMr3mcjtRw6dtR5EMhoGmMb5GHzSzqu0fCW nCFbyUMTlHxYD80aFP0t2pf91UXOCNd83SfNLbpqaA6UxKTOXFaohcgP8gXLKJLg 9wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11711693412051057450605338695 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-14 05:56:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-14 05:56:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bayern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Garching b. Muenchen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bayerische Akademie der Wissenschaften' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Leibniz-Rechenzentrum' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'dsa02r01s01hsm.dss.lrz.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28783543876764276735150308725872387781366776888524080595619710659150537384938818052394039052697746333581156851112664420278765981827425596129332707101593160515816050263580768614629785529853736654351375261317559231127480547469503036078698724799466829277119322594811441158351377846331290624365542869291378222597329428582313257796304306815722755493406627939431411129654179465595096340559847637598606024176398722735876620925013190293943183176921941346649283546178128610019384300948109680661027860319150720549316797915399087539189748199576910611633466600665279336920962590427660270392244292251635765246309909980338185232631 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b284a8463b21cd30083e9428b584ac746d7a42db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dsa2r01s01hsm.dss.lrz.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dsa02r01s01hsm.dss.lrz.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007632a60d0f4f900dd62a4b06a955c13e83fca3f7fa918deee64c4d7d27845f8765fc339af9818448a294a3921aa82a0af1c3e5dbd4ff87dd3735c1d2e504f7cbf9343a1c4cc1f543b773d780733fa7d5eee59853c60e29cce09c844b54ea84d3e1f29490212cc7ec98d9322723ef1cf2579621e9be4a82e13d62675b1bc0ad7fe45983590175fd52a02699e555a392a67d7948f29db704fb6047a51052f4b6c4019aa911610253369447ae54008ceb05690f2b88db52e5b4b2eb2e23daa9a04a507e474cd9fa5205e781ea76e8a838e748a0c35dc68082239eb6eebd01f9dc9f9662361ad6591dcfdfd291fee745aa8c7ac981c23e2bbe0b3109c6c52320d523