www.helmholtz-berlin.de

- Helmholtz-Zentrum Berlin für Materialien und Energie GmbH -

Issued by GEANT OV RSA CA 4

About this certificate

This digital certificate with serial number 2c:68:db:43:8d:39:62:82:a4:6e:21:1d:0d:9b:52:8e was issued on by GEANT Vereniging.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Helmholtz-Zentrum Berlin für Materialien und Energie GmbH

Organization: Helmholtz-Zentrum Berlin für Materialien und Energie GmbH
State / Province: Berlin
Country: DE

GEANT Vereniging

Organization: GEANT Vereniging
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 2c:68:db:43:8d:39:62:82:a4:6e:21:1d:0d:9b:52:8e
Serial Number (int): 59030477887520769011036328924999799438
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: ea:b5:ea:25:6b:62:91:fe:88:a2:9f:8f:18:49:42:80:3b:eb:e8:37
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c

Fingerprint (sha1): 1e:67:7b:d5:17:ad:e4:77:47:e8:9e:9d:98:6f:57:6b:ff:a4:32:e4
Fingerprint (sha256): 4f:04:8a:4b:e9:9e:cf:da:07:ff:13:01:96:ea:54:f8:2c:fe:70:cc:5f:dd:cc:9c:d2:17:ff:cb:8a:f6:54:2b

Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt

Revocation information

OCSP Server: http://GEANT.ocsp.sectigo.com
CRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl

Check the revocation status for certificate www.helmholtz-berlin.de

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.helmholtz-berlin.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.helmholtz-berlin.de
helmholtz-berlin.de
hz-b.de
www.hz-b.de
www1-prod.basisit.de
www2-prod.basisit.de
www3-prod.basisit.de
www4-prod.basisit.de
wwwa.basisit.de
wwwb.basisit.de
wwwtest.helmholtz-berlin.de
wwwtest.hz-b.de

Other certificates including the domain name helmholtz-berlin.de

(limited to 100 certificates)
gate.helmholtz-berlin.de
portal.helmholtz-berlin.de
webapp.basisit.de
ise-psn-a-1.helmholtz-berlin.de
imap.helmholtz-berlin.de
ess.helmholtz-berlin.de
divuwiki.basisit.de
dms.helmholtz-berlin.de
nc.helmholtz-berlin.de
workadventure.helmholtz-berlin.de
collab.helmholtz-berlin.de
rica.helmholtz-berlin.de
rica.helmholtz-berlin.de
nc.basisit.de
kanboard.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
imap.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
mail.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
lyncpool.basisit.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
ebisscattest.helmholtz-berlin.de
nubes.helmholtz-berlin.de
divlog.helmholtz-berlin.de
indico.helmholtz-berlin.de
imap.helmholtz-berlin.de
hzb-intern.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
mail.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
www.helmholtz-berlin.de
sas.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
sbc-lync-01-int.voip.helmholtz-berlin.de
dect-controller-01.voip.helmholtz-berlin.de
wssadmin-intern.helmholtz-berlin.de
smtp.helmholtz-berlin.de
sbc-user-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
www.helmholtz-berlin.de
hc-awx.basisit.de
ebisscatprod.helmholtz-berlin.de
f-intern.helmholtz-berlin.de
e-intern.helmholtz-berlin.de
ifolder.helmholtz-berlin.de
nc.basisit.de
onlyoffice.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
sbc-gw-01.voip.helmholtz-berlin.de
webapp.basisit.de
mapi.helmholtz-berlin.de
portal.helmholtz-berlin.de
sbc-gw-01-int.voip.helmholtz-berlin.de
radius.helmholtz-berlin.de
office.helmholtz-berlin.de
icat.helmholtz-berlin.de
dirac-meister.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
ebisscatprod.helmholtz-berlin.de
ise-psn-w-2.helmholtz-berlin.de
indico.helmholtz-berlin.de
rica.helmholtz-berlin.de
idp.helmholtz-berlin.de
www.helmholtz-berlin.de
rica.helmholtz-berlin.de
portal-hzb.helmholtz-berlin.de
voip.helmholtz-berlin.de
icat.helmholtz-berlin.de
pyweb1.basisit.de
sbc-user-01-int.voip.helmholtz-berlin.de
voip.helmholtz-berlin.de
ncoffice.basisit.de
autodiscover.helmholtz-berlin.de
divwiki.basisit.de
sbc-gw-02-int.voip.helmholtz-berlin.de
nc.basisit.de
ebissprod.helmholtz-berlin.de
gw-ibz-h2.helmholtz-berlin.de
jitsi1.basisit.de
ise-psn-a-1.helmholtz-berlin.de
dits.helmholtz-berlin.de
sip.helmholtz-berlin.de
indico.helmholtz-berlin.de
evetest.helmholtz-berlin.de
sharetex.helmholtz-berlin.de
divwiki.basisit.de
g-intern.helmholtz-berlin.de
nubes.helmholtz-berlin.de
ebisscatent.helmholtz-berlin.de
nubes.helmholtz-berlin.de
lyncpool.basisit.de
ise-psn-w-2.helmholtz-berlin.de
radius.hmi.de
voip.helmholtz-berlin.de
ise-psn-w-1.helmholtz-berlin.de
dits1.helmholtz-berlin.de
divlog.helmholtz-berlin.de
nubes-test.helmholtz-berlin.de

Certificate

The complete raw certificate details for www.helmholtz-berlin.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIVjCCBj6gAwIBAgIQLGjbQ405YoKkbiEdDZtSjjANBgkqhkiG9w0BAQwFADBE
MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE
AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMwMTExMDAwMDAwWhcNMjQwMTExMjM1
OTU5WjCBhTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjFDMEEGA1UECgw6
SGVsbWhvbHR6LVplbnRydW0gQmVybGluIGbDvHIgTWF0ZXJpYWxpZW4gdW5kIEVu
ZXJnaWUgR21iSDEgMB4GA1UEAxMXd3d3LmhlbG1ob2x0ei1iZXJsaW4uZGUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoS0HSMmRZFTx0c8vO7Xth+5ud
qT68mYzTXr8EYOeaILTw99rXnr+2EXh/JDEsRU9/jT8LV/B1SB4qmtqFJx4HBYxJ
zbDSVJb6K+/xU4wNtal2R9sJ5wh9C6wCjt+g4RTjXa/h9npmk/WF6AiDfY7xuhol
NLir1yhVrcRSx0dYnSrWocof1ADwtq5fY/wpTZtsMa4WccmhGpVeWpOLAQeTCt+j
T7hn1clDugHEMuMtSaXEjLrdkHmyJTr4U7nb5FPnfDIJBiAYGxnKQ9fGpQ8zx1J4
+gEpKIoHNlfb/LbGeI75W4zBQbbQ0DKfa/Rx0D7JlnwCX3M/g1iaULt0rUaJAgMB
AAGjggQAMIID/DAfBgNVHSMEGDAWgBRvHTVJEGwy+lmgnryK6B+VvnF6DDAdBgNV
HQ4EFgQU6rXqJWtikf6Iop+PGElCgDvr6DcwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARC
MEAwNAYLKwYBBAGyMQECAk8wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv
LmNvbS9DUFMwCAYGZ4EMAQICMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9HRUFO
VC5jcmwuc2VjdGlnby5jb20vR0VBTlRPVlJTQUNBNC5jcmwwdQYIKwYBBQUHAQEE
aTBnMDoGCCsGAQUFBzAChi5odHRwOi8vR0VBTlQuY3J0LnNlY3RpZ28uY29tL0dF
QU5UT1ZSU0FDQTQuY3J0MCkGCCsGAQUFBzABhh1odHRwOi8vR0VBTlQub2NzcC5z
ZWN0aWdvLmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAdv+IPwq2+5VR
wmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGFn+3aOgAABAMARzBFAiEAv0DlEDNV
eHpbn6ilsXDrnp1cCcglH0t/g4YtyKlIVksCIEO83/5elOLhkb00rzBUKsfmY7uR
WYSLDzXGWT0vW9eMAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sA
AAGFn+3aQQAABAMARzBFAiEA6t9+tWi+YFPUsAygQpCHSnikPj7tgpM9TY+CevcK
N5cCIAcTnExikF4t3fAcxL/j07tKF82taUNOMJdBtSDHYhmjAHYA7s3QZNXbGs7F
XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGFn+3aHQAABAMARzBFAiB8JYLLZJ0a
KNLK1DMtdUr/e71WkKMgloEuAcioWFxEywIhAKrj1pA+ADQT4Wp5LnMAmXVpvjKU
Fw/oSFl9NvZVJlSqMIH3BgNVHREEge8wgeyCF3d3dy5oZWxtaG9sdHotYmVybGlu
LmRlghNoZWxtaG9sdHotYmVybGluLmRlggdoei1iLmRlggt3d3cuaHotYi5kZYIU
d3d3MS1wcm9kLmJhc2lzaXQuZGWCFHd3dzItcHJvZC5iYXNpc2l0LmRlghR3d3cz
LXByb2QuYmFzaXNpdC5kZYIUd3d3NC1wcm9kLmJhc2lzaXQuZGWCD3d3d2EuYmFz
aXNpdC5kZYIPd3d3Yi5iYXNpc2l0LmRlght3d3d0ZXN0LmhlbG1ob2x0ei1iZXJs
aW4uZGWCD3d3d3Rlc3QuaHotYi5kZTANBgkqhkiG9w0BAQwFAAOCAgEAV8Y3iPrA
pvZ6WiAHBFThbXOzEot7QGMwjAxBIoJ2U4nSl3ISUYFVpc88Q8USfK2usvei1sdK
X3NZ9yOna3eBYTVsOtIorI/L3mCpfEdj2EQisDjgwqQrcECIcCPxmuJd3EMscZOU
7+osMfYiDuyRlGQhe3p2/sau3IpkEBqZThw1zGTodi16egbTHwiR8WZPglUe1ZqK
M5Inl1aObpJatb3AP2pMM+r5aL62aAaKQF6OKOvUGuDsQ+noxDKIEttqI4vCq2F6
7aqrUfcJ0fkjnCF+aTWMZY11rw6ipYu6CTRDIQwEkeXOFnmy4H8lcKgDR2WZx3uT
1dJFdCHvXC9wz37JifF+Wal+2uj2+jWis/o+sA6Cuh894fFgTuJIkKgmF88MVZQL
To3Q2NiLiqqq3i87fMsyMdgjPohzci+xxngNguaEXHxcSJbUqxVfSc2eYbx3i9P5
FArQ6ap3aLOCVhYOYuB4qjJDS8mv/VrOPyCxNhDFZeo4lseUAOFTa4jKRxmmklLY
D2uH9TECYRHQxEhO7r8lnZJxP3eHLV4DhW6oypkXCrM9fQP2YCrBACuU7G2/sUG6
ArUyMUpCY5jG0ZoLqjpDgLmoCC2R2zEdUzrS40IBO9JK0MDyXIpNukI/lYy7rvIE
LKDZZBcAeH8gDLpdB1IKH/KhVJQTWZKzMwk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEtB0jJkWRU8dHPLzu17
Yfubnak+vJmM016/BGDnmiC08Pfa156/thF4fyQxLEVPf40/C1fwdUgeKprahSce
BwWMSc2w0lSW+ivv8VOMDbWpdkfbCecIfQusAo7foOEU412v4fZ6ZpP1hegIg32O
8boaJTS4q9coVa3EUsdHWJ0q1qHKH9QA8LauX2P8KU2bbDGuFnHJoRqVXlqTiwEH
kwrfo0+4Z9XJQ7oBxDLjLUmlxIy63ZB5siU6+FO52+RT53wyCQYgGBsZykPXxqUP
M8dSePoBKSiKBzZX2/y2xniO+VuMwUG20NAyn2v0cdA+yZZ8Al9zP4NYmlC7dK1G
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 59030477887520769011036328924999799438
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Helmholtz-Zentrum Berlin für Materialien und Energie GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.helmholtz-berlin.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21245145900147120734298105337566439912739979194738513592194519925898141822470435565164796244081046257825536166772613668883049034268454223918745430693812757230036256973442664494990474644354899643356370595894125903413167512417143570925830433284063613596185114793027651020636544733574459018280270466020275487542281201531360671676363158008052329867530477292873925744156244079825027639398246914490849225404337953595493509108083976617042206619307024808431071120574933743347346447701724030517185405779753969470238148083884034865092031565270668812457845325539009221215884275292813515787618730449568928327508909112992922945161
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							eab5ea256b6291fe88a29f8f184942803bebe837
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001859fedda3a0000040300473045022100bf40e5103355787a5b9fa8a5b170eb9e9d5c09c8251f4b7f83862dc8a948564b022043bcdffe5e94e2e191bd34af30542ac7e663bb9159848b0f35c6593d2f5bd78c007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001859fedda410000040300473045022100eadf7eb568be6053d4b00ca04290874a78a43e3eed82933d4d8f827af70a3797022007139c4c62905e2dddf01cc4bfe3d3bb4a17cdad69434e309741b520c76219a3007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001859fedda1d000004030047304502207c2582cb649d1a28d2cad4332d754aff7bbd5690a32096812e01c8a8585c44cb022100aae3d6903e003413e16a792e7300997569be3294170fe848597d36f6552654aa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (239 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hz-b.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hz-b.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www1-prod.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2-prod.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www3-prod.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www4-prod.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwa.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwb.basisit.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwtest.helmholtz-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wwwtest.hz-b.de'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0057c63788fac0a6f67a5a20070454e16d73b3128b7b4063308c0c412282765389d2977212518155a5cf3c43c5127cadaeb2f7a2d6c74a5f7359f723a76b778161356c3ad228ac8fcbde60a97c4763d84422b038e0c2a42b7040887023f19ae25ddc432c719394efea2c31f6220eec919464217b7a76fec6aedc8a64101a994e1c35cc64e8762d7a7a06d31f0891f1664f82551ed59a8a33922797568e6e925ab5bdc03f6a4c33eaf968beb668068a405e8e28ebd41ae0ec43e9e8c4328812db6a238bc2ab617aedaaab51f709d1f9239c217e69358c658d75af0ea2a58bba093443210c0491e5ce1679b2e07f2570a803476599c77b93d5d2457421ef5c2f70cf7ec989f17e59a97edae8f6fa35a2b3fa3eb00e82ba1f3de1f1604ee24890a82617cf0c55940b4e8dd0d8d88b8aaaaade2f3b7ccb3231d8233e8873722fb1c6780d82e6845c7c5c4896d4ab155f49cd9e61bc778bd3f9140ad0e9aa7768b38256160e62e078aa32434bc9affd5ace3f20b13610c565ea3896c79400e1536b88ca4719a69252d80f6b87f531026111d0c4484eeebf259d92713f77872d5e03856ea8ca99170ab33d7d03f6602ac1002b94ec6dbfb141ba02b532314a426398c6d19a0baa3a4380b9a8082d91db311d533ad2e342013bd24ad0c0f25c8a4dba423f958cbbaef2042ca0d9641700787f200cba5d07520a1ff2a15494135992b33309