idp.helmholtz-berlin.de
- Helmholtz-Zentrum Berlin für Materialien und Energie GmbH -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 01:a6:b3:bf:68:96:d8:5f:f7:b6:e6:40:36:15:6e:34 was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Helmholtz-Zentrum Berlin für Materialien und Energie GmbH
Organization:
Helmholtz-Zentrum Berlin für Materialien und Energie GmbH
State / Province:
Berlin
Country: DE
Country: DE
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 01:a6:b3:bf:68:96:d8:5f:f7:b6:e6:40:36:15:6e:34Serial Number (int): 2194794990568592828547012081751518772
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 48:1e:15:64:8c:6b:a4:bb:86:23:59:f6:d1:e7:cc:30:fc:49:52:d2
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): a7:8c:3d:2f:61:ee:88:91:62:5e:84:61:58:82:69:a0:25:32:fa:c2
Fingerprint (sha256): 1d:fe:c7:30:6a:57:45:bb:2e:35:87:f5:53:ba:33:f2:1a:18:a5:4e:88:af:4b:29:c0:4f:50:ac:b3:05:14:f1
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate idp.helmholtz-berlin.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for idp.helmholtz-berlin.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
idp.helmholtz-berlin.de
shibby2.basisit.de
shibby2.basisit.de
Other certificates including the domain name helmholtz-berlin.de
(limited to 100 certificates)
gate.helmholtz-berlin.de
portal.helmholtz-berlin.de
webapp.basisit.de
ise-psn-a-1.helmholtz-berlin.de
imap.helmholtz-berlin.de
ess.helmholtz-berlin.de
divuwiki.basisit.de
dms.helmholtz-berlin.de
nc.helmholtz-berlin.de
workadventure.helmholtz-berlin.de
collab.helmholtz-berlin.de
rica.helmholtz-berlin.de
rica.helmholtz-berlin.de
nc.basisit.de
kanboard.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
imap.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
mail.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
lyncpool.basisit.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
ebisscattest.helmholtz-berlin.de
nubes.helmholtz-berlin.de
divlog.helmholtz-berlin.de
indico.helmholtz-berlin.de
imap.helmholtz-berlin.de
hzb-intern.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
mail.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
www.helmholtz-berlin.de
sas.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
dect-controller-01.voip.helmholtz-berlin.de
wssadmin-intern.helmholtz-berlin.de
smtp.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
www.helmholtz-berlin.de
hc-awx.basisit.de
ebisscatprod.helmholtz-berlin.de
f-intern.helmholtz-berlin.de
e-intern.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
nc.basisit.de
onlyoffice.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
sbc-gw-01.voip.helmholtz-berlin.de
webapp.basisit.de
mapi.helmholtz-berlin.de
portal.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
office.helmholtz-berlin.de
icat.helmholtz-berlin.de
dirac-meister.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
ise-psn-w-2.helmholtz-berlin.de
indico.helmholtz-berlin.de
rica.helmholtz-berlin.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
rica.helmholtz-berlin.de
portal-hzb.helmholtz-berlin.de
voip.helmholtz-berlin.de
icat.helmholtz-berlin.de
pyweb1.basisit.de
sbc-user-01-int.voip.helmholtz-berlin.de
voip.helmholtz-berlin.de
ncoffice.basisit.de
autodiscover.helmholtz-berlin.de
divwiki.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
nc.basisit.de
ebissprod.helmholtz-berlin.de
gw-ibz-h2.helmholtz-berlin.de
jitsi1.basisit.de
ise-psn-a-1.helmholtz-berlin.de
dits.helmholtz-berlin.de
sip.helmholtz-berlin.de
indico.helmholtz-berlin.de
evetest.helmholtz-berlin.de
sharetex.helmholtz-berlin.de
divwiki.basisit.de
g-intern.helmholtz-berlin.de
nubes.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
nubes.helmholtz-berlin.de
lyncpool.basisit.de
ise-psn-w-2.helmholtz-berlin.de
radius.hmi.de
voip.helmholtz-berlin.de
ise-psn-w-1.helmholtz-berlin.de
dits1.helmholtz-berlin.de
divlog.helmholtz-berlin.de
nubes-test.helmholtz-berlin.de
portal.helmholtz-berlin.de
webapp.basisit.de
ise-psn-a-1.helmholtz-berlin.de
imap.helmholtz-berlin.de
ess.helmholtz-berlin.de
divuwiki.basisit.de
dms.helmholtz-berlin.de
nc.helmholtz-berlin.de
workadventure.helmholtz-berlin.de
collab.helmholtz-berlin.de
rica.helmholtz-berlin.de
rica.helmholtz-berlin.de
nc.basisit.de
kanboard.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
imap.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
mail.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
lyncpool.basisit.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
ebisscattest.helmholtz-berlin.de
nubes.helmholtz-berlin.de
divlog.helmholtz-berlin.de
indico.helmholtz-berlin.de
imap.helmholtz-berlin.de
hzb-intern.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
mail.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
www.helmholtz-berlin.de
sas.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
dect-controller-01.voip.helmholtz-berlin.de
wssadmin-intern.helmholtz-berlin.de
smtp.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
www.helmholtz-berlin.de
hc-awx.basisit.de
ebisscatprod.helmholtz-berlin.de
f-intern.helmholtz-berlin.de
e-intern.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
nc.basisit.de
onlyoffice.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
sbc-gw-01.voip.helmholtz-berlin.de
webapp.basisit.de
mapi.helmholtz-berlin.de
portal.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
office.helmholtz-berlin.de
icat.helmholtz-berlin.de
dirac-meister.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
ise-psn-w-2.helmholtz-berlin.de
indico.helmholtz-berlin.de
rica.helmholtz-berlin.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
rica.helmholtz-berlin.de
portal-hzb.helmholtz-berlin.de
voip.helmholtz-berlin.de
icat.helmholtz-berlin.de
pyweb1.basisit.de
sbc-user-01-int.voip.helmholtz-berlin.de
voip.helmholtz-berlin.de
ncoffice.basisit.de
autodiscover.helmholtz-berlin.de
divwiki.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
nc.basisit.de
ebissprod.helmholtz-berlin.de
gw-ibz-h2.helmholtz-berlin.de
jitsi1.basisit.de
ise-psn-a-1.helmholtz-berlin.de
dits.helmholtz-berlin.de
sip.helmholtz-berlin.de
indico.helmholtz-berlin.de
evetest.helmholtz-berlin.de
sharetex.helmholtz-berlin.de
divwiki.basisit.de
g-intern.helmholtz-berlin.de
nubes.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
nubes.helmholtz-berlin.de
lyncpool.basisit.de
ise-psn-w-2.helmholtz-berlin.de
radius.hmi.de
voip.helmholtz-berlin.de
ise-psn-w-1.helmholtz-berlin.de
dits1.helmholtz-berlin.de
divlog.helmholtz-berlin.de
nubes-test.helmholtz-berlin.de
Certificate
The complete raw certificate details for idp.helmholtz-berlin.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIlTCCBn2gAwIBAgIQAaazv2iW2F/3tuZANhVuNDANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMwNTA0MDAwMDAwWhcNMjQwNTAzMjM1 OTU5WjCBhTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjFDMEEGA1UECgw6 SGVsbWhvbHR6LVplbnRydW0gQmVybGluIGbDvHIgTWF0ZXJpYWxpZW4gdW5kIEVu ZXJnaWUgR21iSDEgMB4GA1UEAxMXaWRwLmhlbG1ob2x0ei1iZXJsaW4uZGUwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDCVo3dfvsaAkcOPuHYwdO4oXIf jL2fCShXK0ql28cpK3NKgaRKt5QQRMJtbwIg/0T4ZxesihkQvbWWtDK3rEjvn09k k2NGYqH8TifNp1d7aVUblmHhRrbDLpyn69Pojnhru4tIKPiHnIrJSdWTrjokjZ1f JnwT9BWgTEIdrh4crXJqqePWPM+wWTcJ44BgE3Iiv0/egdFO6kMDYx0INndPcB9S k4JLpNE2aW8cAjcHIzCZ5IqpNJsoFcpW4pow5if6K5ll5zrdDZYUOhiGi2HqGVTL 1zh1C1hnPQbhnhvCstpeq0zEFRC9Ou8Ly2e9FPdQaNpjlUPSUMpwGrTvoq1MTPps 1/a1GUWnQvurktHbt7wmaI3RelqS8qzad/j8j6UckrM7kYfilpj+3bjYHdbuQHeh Fo3glCD9hnSPUqkhiFLOof6SorZFlvuGJCYX/LSXthBlrhoMJB1T1lWfTBkWPxCS xctQGLjIHLzhmEcqTnXSjxt+H6czxG9ytK3Va4O/svODoYsncQW5r0pB+g413nXQ oDKXZgeR4Ggb4OI0eFzLW7M7bj4yxbb/pltcwKEmHmbqjLZqrKx6enSW+RrNetPK ewRIQKqYsHlSvxm1eymqbxzNsNNF7OA/5Wr9YOVSJqXMPLq7WKOboBTpNqOYWowk jv8451+65VvEMpFhdwIDAQABo4IDPzCCAzswHwYDVR0jBBgwFoAUbx01SRBsMvpZ oJ68iugflb5xegwwHQYDVR0OBBYEFEgeFWSMa6S7hiNZ9tHnzDD8SVLSMA4GA1Ud DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJPMCUwIwYIKwYBBQUHAgEW F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjA/BgNVHR8EODA2MDSg MqAwhi5odHRwOi8vR0VBTlQuY3JsLnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQu Y3JsMHUGCCsGAQUFBwEBBGkwZzA6BggrBgEFBQcwAoYuaHR0cDovL0dFQU5ULmNy dC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNydDApBggrBgEFBQcwAYYdaHR0 cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20wggF/BgorBgEEAdZ5AgQCBIIBbwSC AWsBaQB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABh+afxZsA AAQDAEYwRAIgBsnA4Z8rHDPp2Q6S2JdJseT3xanTHKQRHv/r0Umy5vQCIAIUNrQ6 ZDSpwGZCGaq/QKyLBIbHib359UUyzHX8ldgVAHcA2ra/az+1tiKfm8K7XGvocJFx bLtRhIU0vaQ9MEjX+6sAAAGH5p/F8gAABAMASDBGAiEA4GrXFuiydTwyKBdcsXWi aeKnIYu6L1QmAGaJOTHl7nUCIQC8+xCgPERJCkej11dpNcyMF2xrFTS6noFnQbZJ wlhgFQB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABh+afxcQA AAQDAEgwRgIhAPubYbIiHvVVclYUSZMk3RIjXuwzN8iD+2t+p4nRgXNKAiEA9k07 PA7Pd3jjlOWytFFnAC5T8vmQKvOJKaN8ErOMYf4wNgYDVR0RBC8wLYIXaWRwLmhl bG1ob2x0ei1iZXJsaW4uZGWCEnNoaWJieTIuYmFzaXNpdC5kZTANBgkqhkiG9w0B AQwFAAOCAgEAianbnxjrUcu1OTOlEc/dwpn1lMnHpLeG4oKkWWQgxXiiU+3cbEY4 /1/iUYM8qkF3nz6dQGoaXeBfD4Q5r7Nkb5+hnjYDNSCkp1c6/gH5FeH1ja1ctyGQ /3zubeJUSjmnjEatV1K5zyvb7kpUT6HGXy5btjwW3PuI9PvpbcHuHbB4VIj2x10v WRPl7k+fH2dirKvNqeYgfJbT/g4suXLmrnnXPKFAMjYFbQzLx/DWflC0zh0QtK97 /ESKa4jPij8ah5124O/v5dSwN9ihVmYvtLh5uZ1F9VbTFkM0Lrq7E12y2ByIlPDS 0I8BHpntnEOn9q58jim7q/QDkZIeQ7Nw1NNjvaAmGPuebg2qnNzTAUL1E+RS8+Eg Z4fZ3vEXFMdSgM4yaaru5Uxt/HFqEax4N+qVfFJHBKWxxysHAgpdPSCaNBCpP3PV K5QREshlo0JPbm9kWkRVk6tVKkCIeh3tbqVuNehW6EYdzZ61xTvPG8uIPKsxmedh ZxODFUk/MzZvVjcmzjqviFWk1IMbtH76UqOWSMptbEaXxWqC0f1+Fy3SrO38FAwL LQQeax4H8Sf/idsAc5oLC+poBno4IA2L6DRK2fNuk7+5PNNLj7egbeCgocUpgWRq 3e2vZkJbxqQMDgHhhV84IsvMhRPjoiJZyIoNb7Kmu09bmkJ+4MGgwkU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwlaN3X77GgJHDj7h2MHT uKFyH4y9nwkoVytKpdvHKStzSoGkSreUEETCbW8CIP9E+GcXrIoZEL21lrQyt6xI 759PZJNjRmKh/E4nzadXe2lVG5Zh4Ua2wy6cp+vT6I54a7uLSCj4h5yKyUnVk646 JI2dXyZ8E/QVoExCHa4eHK1yaqnj1jzPsFk3CeOAYBNyIr9P3oHRTupDA2MdCDZ3 T3AfUpOCS6TRNmlvHAI3ByMwmeSKqTSbKBXKVuKaMOYn+iuZZec63Q2WFDoYhoth 6hlUy9c4dQtYZz0G4Z4bwrLaXqtMxBUQvTrvC8tnvRT3UGjaY5VD0lDKcBq076Kt TEz6bNf2tRlFp0L7q5LR27e8JmiN0XpakvKs2nf4/I+lHJKzO5GH4paY/t242B3W 7kB3oRaN4JQg/YZ0j1KpIYhSzqH+kqK2RZb7hiQmF/y0l7YQZa4aDCQdU9ZVn0wZ Fj8QksXLUBi4yBy84ZhHKk510o8bfh+nM8RvcrSt1WuDv7Lzg6GLJ3EFua9KQfoO Nd510KAyl2YHkeBoG+DiNHhcy1uzO24+MsW2/6ZbXMChJh5m6oy2aqysenp0lvka zXrTynsESECqmLB5Ur8ZtXspqm8czbDTRezgP+Vq/WDlUialzDy6u1ijm6AU6Taj mFqMJI7/OOdfuuVbxDKRYXcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2194794990568592828547012081751518772 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Helmholtz-Zentrum Berlin für Materialien und Energie GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'idp.helmholtz-berlin.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 792830285795635557703859160607118163909674746116445400472482588186693128314041326645298380780395059202930967804433750121393192110739041252919993279593484119065932841595170645864698446640512658990218528865398594402630957478871340220698976719904867033194455751998491170753140233964449013398509215379007087698448452469972828707132126514205166599366191358999151881376729022112200566769678998011078105696000289334321885611031196337578003700400087520161526759946257292371897191342374870095806568480985760846940553517909251943815439743452864478721123239230142825183507675097272922612281339524334766475738933896930841959549362857570532356332058685581274497885593932504439642648452121452946385238303587150794245766643283324989046382134451618887040426427777716375324281462574284087145822996272521128494566986183942790820360865152654328099306057133619283520821591282300772089352943069343909057593132053223463007855146578208996507718032260981771320784337894337475724381975497691488580191833187380346407377508353074626805168972053171056173723102818130115597581681058568267301089063975212257884413492890890468881690610209222912493314446438927419325992312661781502822057037084581280947482396594563829498505207787042642953631422436652375854600511863 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 481e15648c6ba4bb862359f6d1e7cc30fc4952d2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000187e69fc59b0000040300463044022006c9c0e19f2b1c33e9d90e92d89749b1e4f7c5a9d31ca4111effebd149b2e6f40220021436b43a6434a9c0664219aabf40ac8b0486c789bdf9f54532cc75fc95d815007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000187e69fc5f20000040300483046022100e06ad716e8b2753c3228175cb175a269e2a7218bba2f54260066893931e5ee75022100bcfb10a03c44490a47a3d7576935cc8c176c6b1534ba9e816741b649c2586015007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000187e69fc5c40000040300483046022100fb9b61b2221ef555725614499324dd12235eec3337c883fb6b7ea789d181734a022100f64d3b3c0ecf7778e394e5b2b45167002e53f2f9902af38929a37c12b38c61fe . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.helmholtz-berlin.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shibby2.basisit.de' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0089a9db9f18eb51cbb53933a511cfddc299f594c9c7a4b786e282a4596420c578a253eddc6c4638ff5fe251833caa41779f3e9d406a1a5de05f0f8439afb3646f9fa19e36033520a4a7573afe01f915e1f58dad5cb72190ff7cee6de2544a39a78c46ad5752b9cf2bdbee4a544fa1c65f2e5bb63c16dcfb88f4fbe96dc1ee1db0785488f6c75d2f5913e5ee4f9f1f6762acabcda9e6207c96d3fe0e2cb972e6ae79d73ca1403236056d0ccbc7f0d67e50b4ce1d10b4af7bfc448a6b88cf8a3f1a879d76e0efefe5d4b037d8a156662fb4b879b99d45f556d31643342ebabb135db2d81c8894f0d2d08f011e99ed9c43a7f6ae7c8e29bbabf40391921e43b370d4d363bda02618fb9e6e0daa9cdcd30142f513e452f3e1206787d9def11714c75280ce3269aaeee54c6dfc716a11ac7837ea957c524704a5b1c72b07020a5d3d209a3410a93f73d52b941112c865a3424f6e6f645a445593ab552a40887a1ded6ea56e35e856e8461dcd9eb5c53bcf1bcb883cab3199e76167138315493f33366f563726ce3aaf8855a4d4831bb47efa52a39648ca6d6c4697c56a82d1fd7e172dd2acedfc140c0b2d041e6b1e07f127ff89db00739a0b0bea68067a38200d8be8344ad9f36e93bfb93cd34b8fb7a06de0a0a1c52981646addedaf66425bc6a40c0e01e1855f3822cbcc8513e3a22259c88a0d6fb2a6bb4f5b9a427ee0c1a0c245