www.helmholtz-berlin.de

- Helmholtz-Zentrum Berlin für Materialien und Energie GmbH -

Issued by GEANT OV RSA CA 4

About this certificate

This digital certificate with serial number 2c:ed:a3:53:ce:bb:97:d8:92:41:c0:33:55:c5:71:89 was issued on by GEANT Vereniging.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Helmholtz-Zentrum Berlin für Materialien und Energie GmbH

Organization: Helmholtz-Zentrum Berlin für Materialien und Energie GmbH
State / Province: Berlin
Country: DE

GEANT Vereniging

Organization: GEANT Vereniging
Country: NL

This certificate will expire on

Certificate Details

Serial Number (hex): 2c:ed:a3:53:ce:bb:97:d8:92:41:c0:33:55:c5:71:89
Serial Number (int): 59719918842692634685787930928871731593
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 22:a1:27:bd:46:25:3b:0f:d7:ee:3d:a1:5d:25:a3:a5:73:6e:0a:06
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c

Fingerprint (sha1): 4b:c4:02:6f:a0:fa:c5:0b:e8:8b:5b:b1:37:41:89:5b:1d:2c:ef:03
Fingerprint (sha256): 2e:d2:c1:c4:ce:6f:27:96:6e:0b:8b:4f:41:f7:4f:ef:6e:88:10:bc:ad:57:a0:68:2d:42:31:d3:d2:7d:29:cf

Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt

Revocation information

OCSP Server: http://GEANT.ocsp.sectigo.com
CRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl

Check the revocation status for certificate www.helmholtz-berlin.de

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.helmholtz-berlin.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.helmholtz-berlin.de
helmholtz-berlin.de
hz-b.de
www-test.basisit.de
www-test.helmholtz-berlin.de
www.hz-b.de
wwwext1-e-p.basisit.de
wwwext2-e-p.basisit.de
wwwext3-e-p.basisit.de
wwwext4-e-p.basisit.de
wwwtest.helmholtz-berlin.de
wwwtest.hz-b.de

Other certificates including the domain name helmholtz-berlin.de

(limited to 100 certificates)
gate.helmholtz-berlin.de
portal.helmholtz-berlin.de
webapp.basisit.de
ise-psn-a-1.helmholtz-berlin.de
imap.helmholtz-berlin.de
ess.helmholtz-berlin.de
divuwiki.basisit.de
dms.helmholtz-berlin.de
nc.helmholtz-berlin.de
workadventure.helmholtz-berlin.de
collab.helmholtz-berlin.de
rica.helmholtz-berlin.de
rica.helmholtz-berlin.de
nc.basisit.de
kanboard.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
imap.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
mail.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
lyncpool.basisit.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
ebisscattest.helmholtz-berlin.de
nubes.helmholtz-berlin.de
divlog.helmholtz-berlin.de
indico.helmholtz-berlin.de
imap.helmholtz-berlin.de
hzb-intern.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
mail.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
www.helmholtz-berlin.de
sas.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
dect-controller-01.voip.helmholtz-berlin.de
wssadmin-intern.helmholtz-berlin.de
smtp.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
www.helmholtz-berlin.de
hc-awx.basisit.de
ebisscatprod.helmholtz-berlin.de
f-intern.helmholtz-berlin.de
e-intern.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
nc.basisit.de
onlyoffice.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
sbc-gw-01.voip.helmholtz-berlin.de
webapp.basisit.de
mapi.helmholtz-berlin.de
portal.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
office.helmholtz-berlin.de
icat.helmholtz-berlin.de
dirac-meister.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
ise-psn-w-2.helmholtz-berlin.de
indico.helmholtz-berlin.de
rica.helmholtz-berlin.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
rica.helmholtz-berlin.de
portal-hzb.helmholtz-berlin.de
voip.helmholtz-berlin.de
icat.helmholtz-berlin.de
pyweb1.basisit.de
sbc-user-01-int.voip.helmholtz-berlin.de
voip.helmholtz-berlin.de
ncoffice.basisit.de
autodiscover.helmholtz-berlin.de
divwiki.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
nc.basisit.de
ebissprod.helmholtz-berlin.de
gw-ibz-h2.helmholtz-berlin.de
jitsi1.basisit.de
ise-psn-a-1.helmholtz-berlin.de
dits.helmholtz-berlin.de
sip.helmholtz-berlin.de
indico.helmholtz-berlin.de
evetest.helmholtz-berlin.de
sharetex.helmholtz-berlin.de
divwiki.basisit.de
g-intern.helmholtz-berlin.de
nubes.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
nubes.helmholtz-berlin.de
lyncpool.basisit.de
ise-psn-w-2.helmholtz-berlin.de
radius.hmi.de
voip.helmholtz-berlin.de
ise-psn-w-1.helmholtz-berlin.de
dits1.helmholtz-berlin.de
divlog.helmholtz-berlin.de
nubes-test.helmholtz-berlin.de

Certificate

The complete raw certificate details for www.helmholtz-berlin.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJczCCB1ugAwIBAgIQLO2jU867l9iSQcAzVcVxiTANBgkqhkiG9w0BAQwFADBE
MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE
AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjQwMTAyMDAwMDAwWhcNMjUwMTAxMjM1
OTU5WjCBhTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjFDMEEGA1UECgw6
SGVsbWhvbHR6LVplbnRydW0gQmVybGluIGbDvHIgTWF0ZXJpYWxpZW4gdW5kIEVu
ZXJnaWUgR21iSDEgMB4GA1UEAxMXd3d3LmhlbG1ob2x0ei1iZXJsaW4uZGUwggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCecK5lfTUrDtxq5G69xWEeLxBk
2BKDP7596FMlHJPc2G0KQqrC5i63nCvsAbqJsTnXhwZM3JJ3GWmgSwpCGfREDb3M
P1lz+ifZwvkLFDXFnfPkz2I+4SDR1RCqI/tE/AcUp5LaDJpUtR9YM97Vx2YQ8Qnz
CZeqL61g/ZMy6gHlLwycwGQr7u0MjOiP8iCgs7NrTxjF3YZd4gMM2UCn8fgvle+W
rekDumE0Oe3IfBK7E+oepqOQVzgJ+rNzo/dmtNFCS0E/nl0Z+ApZd/q1+6QTbVIf
CZuDPDOQsSkV8nd7GFYmk//UnGGDLKFh5EJKC3Qx3x0mWEga5HAQi6oA6EGyrBp7
wsToxIKV3hOkA9UcBSNZGg4aMRrWSXG3y28WQrOo9cBFEybSEE5aNn086MawnxoZ
4z+ND9cLez2r/KsYEAR+ADY7VieRdAQI0uIF3P3Mu1lclgXFDhD8X3HZOI3jgnVq
kxfxKYSpR0jNGC4uaM1E9AgZYPL2v5m1zRTpFKPP10ASqo8roiYlQIq86lFGGEEB
FuJKhgziLYxTDWSjce2o1XrZYTwyaWOnJ9TSjyujhsVfVrcGPjdxWvA/mgC6zP1Y
o+z3NcdA9cSyRa8N2MKi1qRRcyR49uIMUGmpmIfti/gLLAxlsFtinTpqlUsL2ypC
FITudimYQsW9SMocCQIDAQABo4IEHTCCBBkwHwYDVR0jBBgwFoAUbx01SRBsMvpZ
oJ68iugflb5xegwwHQYDVR0OBBYEFCKhJ71GJTsP1+49oV0lo6VzbgoGMA4GA1Ud
DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJPMCUwIwYIKwYBBQUHAgEW
F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjA/BgNVHR8EODA2MDSg
MqAwhi5odHRwOi8vR0VBTlQuY3JsLnNlY3RpZ28uY29tL0dFQU5UT1ZSU0FDQTQu
Y3JsMHUGCCsGAQUFBwEBBGkwZzA6BggrBgEFBQcwAoYuaHR0cDovL0dFQU5ULmNy
dC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0LmNydDApBggrBgEFBQcwAYYdaHR0
cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20wggF/BgorBgEEAdZ5AgQCBIIBbwSC
AWsBaQB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjMqp/B8A
AAQDAEcwRQIgcppmH/s5wur3qEfCEiZ5fHnnZiDtIzmZzO0HxVBMwkcCIQD+NlVo
iH6txNOyhAPku+oBpi8F5OQy5jAy0AseH1ImOAB2AKLjCuRF772tm3447Udnd1PX
gluElNcrXhssxLlQpEfnAAABjMqp+/MAAAQDAEcwRQIgdnIpqU0q9+zgg6I/R+IZ
LmveyPoUtgrTmh6c5qbWm2ACIQDsbk+TQswQTmNrtcrqvMPnS80s9qDHGTQzNYCt
kK9bjwB3AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjMqp+/oA
AAQDAEgwRgIhAOmW07QKkNpZ94Ssz7rXJKFYWiEibgeOtUMNmn3+nLTrAiEAptfb
B9fQICwgL8xoJigQmW6nSAuGVm3wp8/RscVJ+0MwggESBgNVHREEggEJMIIBBYIX
d3d3LmhlbG1ob2x0ei1iZXJsaW4uZGWCE2hlbG1ob2x0ei1iZXJsaW4uZGWCB2h6
LWIuZGWCE3d3dy10ZXN0LmJhc2lzaXQuZGWCHHd3dy10ZXN0LmhlbG1ob2x0ei1i
ZXJsaW4uZGWCC3d3dy5oei1iLmRlghZ3d3dleHQxLWUtcC5iYXNpc2l0LmRlghZ3
d3dleHQyLWUtcC5iYXNpc2l0LmRlghZ3d3dleHQzLWUtcC5iYXNpc2l0LmRlghZ3
d3dleHQ0LWUtcC5iYXNpc2l0LmRlght3d3d0ZXN0LmhlbG1ob2x0ei1iZXJsaW4u
ZGWCD3d3d3Rlc3QuaHotYi5kZTANBgkqhkiG9w0BAQwFAAOCAgEAfS7ohN2ZdljG
PxKokaORRxqnUadsKDdvAy1svDrUjdfcbGd0kxHE4kOlx8Z5QKhGQbBrfBUDghX4
WJ3QwrvFSkFUlUhauP2/vyoQMfio+V23ipph3etenNHY7mcjSczMvIp1Y+44ZO5D
8FjYU+eZL5tKyRUA248v07CnM9yrSE4NtkycZ8pvH/9H0n6GC5p1DI/o6NWPrxr8
uVgY0cyFLhAq3TQk9Sj1DrNc2rCUFSg3EddcTWe8k3ZAzX6QsuwLQ72Fv+NoM5iS
oTMTIqoWlEpcwoMXguPuoMOXqHwxPU445lvs3aiqJyYAv0XczAtANP4lv6hnbXjs
Wi9tJkWFdJxQfP/bDTomHnRXyHdi+zxocjMmLm/CCSSaW1icIuLqn8AgEy4tpVWC
/WF0UN0s7LXYxNR44/LjZFOdVFMcuHvwxph8m2yItwnLKVxJzPnIs1rsRqOjTp8N
D5+0MdMGyzEQGqgb9606KGtUvZR4bqrqTiRqoLOwfVmMNHHU4oBcyzw0plj9BwLe
XHS5esH+uT/zuEpnXprSrmMlnn0z+J61B1uyx0Dlz0TCkoMGe+S/x/lkE0a/sdz8
Zo5VZ0EvSWLRlPidkEBdrNG6s6I0ynUul1BOind/mwPlgAeyWH9rzMFfhxj8Nx/4
iSKaF7wDyVyLtCVcJkxBC5Hql67t67o=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnnCuZX01Kw7cauRuvcVh
Hi8QZNgSgz++fehTJRyT3NhtCkKqwuYut5wr7AG6ibE514cGTNySdxlpoEsKQhn0
RA29zD9Zc/on2cL5CxQ1xZ3z5M9iPuEg0dUQqiP7RPwHFKeS2gyaVLUfWDPe1cdm
EPEJ8wmXqi+tYP2TMuoB5S8MnMBkK+7tDIzoj/IgoLOza08Yxd2GXeIDDNlAp/H4
L5Xvlq3pA7phNDntyHwSuxPqHqajkFc4Cfqzc6P3ZrTRQktBP55dGfgKWXf6tfuk
E21SHwmbgzwzkLEpFfJ3exhWJpP/1JxhgyyhYeRCSgt0Md8dJlhIGuRwEIuqAOhB
sqwae8LE6MSCld4TpAPVHAUjWRoOGjEa1klxt8tvFkKzqPXARRMm0hBOWjZ9POjG
sJ8aGeM/jQ/XC3s9q/yrGBAEfgA2O1YnkXQECNLiBdz9zLtZXJYFxQ4Q/F9x2TiN
44J1apMX8SmEqUdIzRguLmjNRPQIGWDy9r+Ztc0U6RSjz9dAEqqPK6ImJUCKvOpR
RhhBARbiSoYM4i2MUw1ko3HtqNV62WE8MmljpyfU0o8ro4bFX1a3Bj43cVrwP5oA
usz9WKPs9zXHQPXEskWvDdjCotakUXMkePbiDFBpqZiH7Yv4CywMZbBbYp06apVL
C9sqQhSE7nYpmELFvUjKHAkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 59719918842692634685787930928871731593
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Helmholtz-Zentrum Berlin für Materialien und Energie GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.helmholtz-berlin.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 646379463280130113272754176572888888315460542812893473631675968466673569410280704278426989746105981925409623006175530690466227974614002224603292443868138802954357702634242358490028365824180370336675292181727992144854740325173563384038531026113439410830110937029783880295486798808217347599272052201128181134790513052907534610122963525982065977352187611737241779687832021906771429825959230636720573443267738489593302413191985450740591035573948512743092720917035662091704061563991560649103044374955548562306271510693901270606855750307385282414498087447866269168613336825628880066989957972386175924723374092502405175401755348084768494345217061241765386559796920829115613554257813319801398340273567907958201353249001586715633033285772900013155996075214534653733473861320365373396940069777416293494222403208554996688542137072931279553754224016063880895734472064479630971054252723746976407034538508303004013694791508549335800090365500999845825522592309481384800804772921585452891978143567032518797922380170032853444442393520704660772981234609173091708556190732118732448602880125199246655788272173696783082676169265999483200301796646691286302803703233543886457080127169881759269072399810419807587984412647764764089318660757879096533383257097
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							22a127bd46253b0fd7ee3da15d25a3a5736e0a06
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018ccaa9fc1f00000403004730450220729a661ffb39c2eaf7a847c21226797c79e76620ed233999cced07c5504cc247022100fe365568887eadc4d3b28403e4bbea01a62f05e4e432e63032d00b1e1f522638007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018ccaa9fbf300000403004730450220767229a94d2af7ece083a23f47e2192e6bdec8fa14b60ad39a1e9ce6a6d69b60022100ec6e4f9342cc104e636bb5caeabcc3e74bcd2cf6a0c71934333580ad90af5b8f0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ccaa9fbfa0000040300483046022100e996d3b40a90da59f784accfbad724a1585a21226e078eb5430d9a7dfe9cb4eb022100a6d7db07d7d0202c202fcc68262810996ea7480b86566df0a7cfd1b1c549fb43
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (265 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hz-b.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-test.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-test.helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hz-b.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwext1-e-p.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwext2-e-p.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwext3-e-p.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwext4-e-p.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwtest.helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwtest.hz-b.de'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		007d2ee884dd997658c63f12a891a391471aa751a76c28376f032d6cbc3ad48dd7dc6c67749311c4e243a5c7c67940a84641b06b7c15038215f8589dd0c2bbc54a415495485ab8fdbfbf2a1031f8a8f95db78a9a61ddeb5e9cd1d8ee672349ccccbc8a7563ee3864ee43f058d853e7992f9b4ac91500db8f2fd3b0a733dcab484e0db64c9c67ca6f1fff47d27e860b9a750c8fe8e8d58faf1afcb95818d1cc852e102add3424f528f50eb35cdab09415283711d75c4d67bc937640cd7e90b2ec0b43bd85bfe368339892a1331322aa16944a5cc2831782e3eea0c397a87c313d4e38e65becdda8aa272600bf45dccc0b4034fe25bfa8676d78ec5a2f6d264585749c507cffdb0d3a261e7457c87762fb3c687233262e6fc209249a5b589c22e2ea9fc020132e2da55582fd617450dd2cecb5d8c4d478e3f2e364539d54531cb87bf0c6987c9b6c88b709cb295c49ccf9c8b35aec46a3a34e9f0d0f9fb431d306cb31101aa81bf7ad3a286b54bd94786eaaea4e246aa0b3b07d598c3471d4e2805ccb3c34a658fd0702de5c74b97ac1feb93ff3b84a675e9ad2ae63259e7d33f89eb5075bb2c740e5cf44c29283067be4bfc7f9641346bfb1dcfc668e5567412f4962d194f89d90405dacd1bab3a234ca752e97504e8a777f9b03e58007b2587f6bccc15f8718fc371ff889229a17bc03c95c8bb4255c264c410b91ea97aeedebba