www.cbmb.ukaachen.de
- RWTH Aachen University -
Issued by GEANT OV RSA CA 4
About this certificate
This digital certificate with serial number 17:7b:a5:23:88:55:3e:fe:1e:72:75:06:0d:36:6b:6a was issued on by GEANT Vereniging.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
RWTH Aachen University
Organization:
RWTH Aachen University
State / Province:
Nordrhein-Westfalen
Country: DE
Country: DE
GEANT Vereniging
Organization:
GEANT Vereniging
Country:
NL
This certificate will expire on
Certificate Details
Serial Number (hex): 17:7b:a5:23:88:55:3e:fe:1e:72:75:06:0d:36:6b:6aSerial Number (int): 31214245829416156904727630609426836330
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId: 8b:34:09:b6:00:bc:a7:5e:7a:c3:d9:e2:91:45:41:15:d0:7c:e8:68
AuthorityKeyId: 6f:1d:35:49:10:6c:32:fa:59:a0:9e:bc:8a:e8:1f:95:be:71:7a:0c
Fingerprint (sha1): 66:fd:d3:1b:47:8e:d6:97:04:a9:d4:ac:b1:64:b6:ca:1a:5c:42:23
Fingerprint (sha256): 50:c2:b9:7c:4a:1b:3a:e2:5a:ca:2e:31:4f:d5:87:e5:29:a1:6d:66:d3:eb:29:39:30:2b:77:18:0b:10:78:44
Issuing Certificate URL: http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt
Revocation information
OCSP Server: http://GEANT.ocsp.sectigo.comCRL Distribution Point: http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
Check the revocation status for certificate www.cbmb.ukaachen.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cbmb.ukaachen.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cbmb.ukaachen.de
cbmb.ukaachen.de
cbmb.ukaachen.de
Other certificates including the domain name ukaachen.de
(limited to 100 certificates)
jobs.ukaachen.de
for2591.ukaachen.de
proans.ukaachen.de
db-ucr-ods-d1.ukaachen.de
sbc2-n5-trk2a.tk.ukaachen.de
vhukaprdai01.hec.klinikum.rwth-aachen.de
balu-api.ukaachen.de
balu-api.ukaachen.de
db-iris-ths-d.ukaachen.de
elab-oos.cloud.ukaachen.de
medienonline.ukaachen.de
sbc2-n5-trk2a.tk.ukaachen.de
webmail.ukaachen.de
isp-notfall.pacs.ukaachen.de
db-ucr-ods-p1.ukaachen.de
vhukasnqci.hec.klinikum.rwth-aachen.de
as-medwik-imi.klinikum.rwth-aachen.de
aed-logs.ukaachen.de
webmail.ukaachen.de
db-trans-p2.ukaachen.de
as-prime02.klinikum.rwth-aachen.de
medical.ukaachen.de
vhukasnqci.hec.klinikum.rwth-aachen.de
vhukasnpci.hec.klinikum.rwth-aachen.de
as-nicofa.klinikum.rwth-aachen.de
www.cbmb.ukaachen.de
www.ukaachen.de
balu-api.ukaachen.de
vhukaepqci.hec.klinikum.rwth-aachen.de
mediaface.ukaachen.de
ndp.ukaachen.de
sts.ukaachen.de
balu-api.ukaachen.de
as-covas01.klinikum.rwth-aachen.de
www.vm.ukaachen.de
aed-dashboard.ukaachen.de
elab.cloud.ukaachen.de
as-prime03.klinikum.rwth-aachen.de
db-ucr-p1.ukaachen.de
as-iris-ws-p1.ukaachen.de
webmail.ukaachen.de
ctca-edc.ukaachen.de
izkf.ukaachen.de
vhukabp1sbo01.hec.klinikum.rwth-aachen.de
db-hi-p1.ukaachen.de
startportal.ukaachen.de
gast01.klinikum.rwth-aachen.de
db-ucr-t1.ukaachen.de
as-ucr-ws-p1.ukaachen.de
mdmrelay.ukaachen.de
service-portal.ukaachen.de
test-support.ukaachen.de
jobs.ukaachen.de
intranet.ukaachen.de
intranet.ukaachen.de
as-ucr-ws-t1.ukaachen.de
labooratory-eslide.ukaachen.de
redcap-weber.klinikum.rwth-aachen.de
ldaps-int.ukaachen.de
jobs.ukaachen.de
www.e-learning.ukaachen.de
momo.ukaachen.de
test-support.ukaachen.de
apps.ukaachen.de
imioc.ukaachen.de
db-ucr-ods-d2.ukaachen.de
ums-relay01.ukaachen.de
jira-imi.ukaachen.de
intranet.ukaachen.de
forschungsportal.ukaachen.de
rechtskataster.ukaachen.de
as-simlab.klinikum.rwth-aachen.de
jobs.ukaachen.de
vhukasndci.hec.klinikum.rwth-aachen.de
vhukaqssci.hec.klinikum.rwth-aachen.de
mdmrelay.ukaachen.de
as-cobra01.klinikum.rwth-aachen.de
cmdb.ukaachen.de
forschungsportal.ukaachen.de
elab-oos.cloud.ukaachen.de
coupons.ukaachen.de
as-jira-imi.klinikum.rwth-aachen.de
webmail.ukaachen.de
openproject-gbma.ukaachen.de
labooratory-eslide.ukaachen.de
medical.ukaachen.de
cipher2.ukaachen.de
vhukaepdci.hec.klinikum.rwth-aachen.de
db-trans-p2.ukaachen.de
cipher2.ukaachen.de
db-hi-t1.ukaachen.de
jobs.ukaachen.de
support.ukaachen.de
www.cbmb.ukaachen.de
ukaachen.de
pwreset.ukaachen.de
forschungsportal.ukaachen.de
isp-pacs.pacs.ukaachen.de
vhukaeppci.hec.klinikum.rwth-aachen.de
sbc1-n5-trk2b.tk.ukaachen.de
for2591.ukaachen.de
proans.ukaachen.de
db-ucr-ods-d1.ukaachen.de
sbc2-n5-trk2a.tk.ukaachen.de
vhukaprdai01.hec.klinikum.rwth-aachen.de
balu-api.ukaachen.de
balu-api.ukaachen.de
db-iris-ths-d.ukaachen.de
elab-oos.cloud.ukaachen.de
medienonline.ukaachen.de
sbc2-n5-trk2a.tk.ukaachen.de
webmail.ukaachen.de
isp-notfall.pacs.ukaachen.de
db-ucr-ods-p1.ukaachen.de
vhukasnqci.hec.klinikum.rwth-aachen.de
as-medwik-imi.klinikum.rwth-aachen.de
aed-logs.ukaachen.de
webmail.ukaachen.de
db-trans-p2.ukaachen.de
as-prime02.klinikum.rwth-aachen.de
medical.ukaachen.de
vhukasnqci.hec.klinikum.rwth-aachen.de
vhukasnpci.hec.klinikum.rwth-aachen.de
as-nicofa.klinikum.rwth-aachen.de
www.cbmb.ukaachen.de
www.ukaachen.de
balu-api.ukaachen.de
vhukaepqci.hec.klinikum.rwth-aachen.de
mediaface.ukaachen.de
ndp.ukaachen.de
sts.ukaachen.de
balu-api.ukaachen.de
as-covas01.klinikum.rwth-aachen.de
www.vm.ukaachen.de
aed-dashboard.ukaachen.de
elab.cloud.ukaachen.de
as-prime03.klinikum.rwth-aachen.de
db-ucr-p1.ukaachen.de
as-iris-ws-p1.ukaachen.de
webmail.ukaachen.de
ctca-edc.ukaachen.de
izkf.ukaachen.de
vhukabp1sbo01.hec.klinikum.rwth-aachen.de
db-hi-p1.ukaachen.de
startportal.ukaachen.de
gast01.klinikum.rwth-aachen.de
db-ucr-t1.ukaachen.de
as-ucr-ws-p1.ukaachen.de
mdmrelay.ukaachen.de
service-portal.ukaachen.de
test-support.ukaachen.de
jobs.ukaachen.de
intranet.ukaachen.de
intranet.ukaachen.de
as-ucr-ws-t1.ukaachen.de
labooratory-eslide.ukaachen.de
redcap-weber.klinikum.rwth-aachen.de
ldaps-int.ukaachen.de
jobs.ukaachen.de
www.e-learning.ukaachen.de
momo.ukaachen.de
test-support.ukaachen.de
apps.ukaachen.de
imioc.ukaachen.de
db-ucr-ods-d2.ukaachen.de
ums-relay01.ukaachen.de
jira-imi.ukaachen.de
intranet.ukaachen.de
forschungsportal.ukaachen.de
rechtskataster.ukaachen.de
as-simlab.klinikum.rwth-aachen.de
jobs.ukaachen.de
vhukasndci.hec.klinikum.rwth-aachen.de
vhukaqssci.hec.klinikum.rwth-aachen.de
mdmrelay.ukaachen.de
as-cobra01.klinikum.rwth-aachen.de
cmdb.ukaachen.de
forschungsportal.ukaachen.de
elab-oos.cloud.ukaachen.de
coupons.ukaachen.de
as-jira-imi.klinikum.rwth-aachen.de
webmail.ukaachen.de
openproject-gbma.ukaachen.de
labooratory-eslide.ukaachen.de
medical.ukaachen.de
cipher2.ukaachen.de
vhukaepdci.hec.klinikum.rwth-aachen.de
db-trans-p2.ukaachen.de
cipher2.ukaachen.de
db-hi-t1.ukaachen.de
jobs.ukaachen.de
support.ukaachen.de
www.cbmb.ukaachen.de
ukaachen.de
pwreset.ukaachen.de
forschungsportal.ukaachen.de
isp-pacs.pacs.ukaachen.de
vhukaeppci.hec.klinikum.rwth-aachen.de
sbc1-n5-trk2b.tk.ukaachen.de
Certificate
The complete raw certificate details for www.cbmb.ukaachen.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIczCCBlugAwIBAgIQF3ulI4hVPv4ecnUGDTZrajANBgkqhkiG9w0BAQwFADBE MQswCQYDVQQGEwJOTDEZMBcGA1UEChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UE AxMRR0VBTlQgT1YgUlNBIENBIDQwHhcNMjMxMjEzMDAwMDAwWhcNMjQxMjEyMjM1 OTU5WjBrMQswCQYDVQQGEwJERTEcMBoGA1UECBMTTm9yZHJoZWluLVdlc3RmYWxl bjEfMB0GA1UEChMWUldUSCBBYWNoZW4gVW5pdmVyc2l0eTEdMBsGA1UEAxMUd3d3 LmNibWIudWthYWNoZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQCsyHGPWM6aoPzkmAdQiuYzNKBqUddfbXpAzT0uz75w5bqMw1Dbus1Iqp6bXAZO 7tkEkyYA7CHRo9iSp1WclifcwzQ9s5A07bf43DZsK5DzT69tV1+0nb5CsvCcxdiN n50DA0h+FVWANkVCN5+3nNUjWrBqP513Kha5YnwEtxLqZiFc4aKnZpsxI3wiswvw KDwkXfiD8f3TEGVMkRQPvM1XEdcLglJ5cT2/qO5CZvXIYKw4tXM6F4SthHhAiWMl 33mCjX5lMCBCKnGWnyyaEEc1i1zMTR7S3viHNdXwJUsOw2NGep9+yoiO2Ld2Ijgn uRtr7NEufEgFvjSy9sHp57pdhBUjOAneo/1ll7S+kE5k3ZLO74/3hLZOOHDXNMUW dMv5Ex7zYtg50J8ZOV7kYSHfCDScr6sOq+junsX/8wQVWI1Tx4n/fyT999IfHDZb L6zA8N+ov8k+REpuM+qxRxo+ZMAOe9TqdupDgpgL9eqAFU79W9tJnG8fqicUBbGM hNi6NpDp3HVhGkzgJymcVgg1hUI2H6ofuSXqApBzvYXLqHenk23RV6btfZM8rWfU pT5tWQHGtde6gge8dLeJV3QzHRCioAjjBTAxKnNelf76C9XaXfeHQ+Dnkklt5jlu SBEwFfQcybtvRVHkEckF0hL4ZL+meBo3yzjuYp4LeuV6hwIDAQABo4IDODCCAzQw HwYDVR0jBBgwFoAUbx01SRBsMvpZoJ68iugflb5xegwwHQYDVR0OBBYEFIs0CbYA vKdeesPZ4pFFQRXQfOhoMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQB sjEBAgJPMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgG BmeBDAECAjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vR0VBTlQuY3JsLnNlY3Rp Z28uY29tL0dFQU5UT1ZSU0FDQTQuY3JsMHUGCCsGAQUFBwEBBGkwZzA6BggrBgEF BQcwAoYuaHR0cDovL0dFQU5ULmNydC5zZWN0aWdvLmNvbS9HRUFOVE9WUlNBQ0E0 LmNydDApBggrBgEFBQcwAYYdaHR0cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20w ggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AHb/iD8KtvuVUcJhzPWHujS0pM27 KdxoQgqf5mdMWjp0AAABjGL6GfQAAAQDAEYwRAIgHU56wiMRHbJUvfgxmx7nqOL+ gVj5oWvu69Nw6X9j1ysCIHdsnD5mJr3KJA0EFkLrRSlnm+MkDe+hNxvOiG0byfXA AHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGMYvoaGAAABAMA RzBFAiEAtXkjEfof3wH9UhU52CCp9YSze/27l1SNPYTt/soZBXkCIDN5CbyxDvGV jNYZ2WNw0EsJCWvsvEfCZ13iKb4fJURHAHYA7s3QZNXbGs7FXLedtM0TojKHRny8 7N7DUUhZRnEftZsAAAGMYvoaIQAABAMARzBFAiAEu9bOkgYM96jM7+LRyWbn2Btn troj8AMg5LVCK1tAQQIhAP8DX+LsJ73ch9GKBZhzOhO1vWbn8TNPHyexGGXi3Vyq MDEGA1UdEQQqMCiCFHd3dy5jYm1iLnVrYWFjaGVuLmRlghBjYm1iLnVrYWFjaGVu LmRlMA0GCSqGSIb3DQEBDAUAA4ICAQATg4P2DMdPziSp3Ic0w/XSwF1MtDyKwWDD VX/qGJLIr+a6v9ZKhO/XKlcQut/vniTRNanPZ7CL+ncGLF494fC+rJ8JUonfqUAP 5p/vltL3WG+X2oMz0M4Aval/Ad7Y7p/MzE/FvDk0KA6iYGQ9tNL90ZmiB3FnsAZ7 BxpcUkKJmppjhm2DOGUuJinqw+It5628EceeTTHa28aQGxT5kWuZJFwco7XYdliW JrFxUy+WV/zXEGvI9sTS6VorFt5F7Jjw1ZGouYu9dryQKdK97eYkOOpmC3T2ezb8 e7Et/FEscwN3lms3ctBVmkNOm5jxPIMRrCOqLeuMkIJqTPCmnSU2PIZx7JT8f6a9 yEm+bbk/ae2Tz2KzwEFihR7Xe0QUJSxaGR01BTNqeU52GzKGOei8Y6LZAAM8Z1YY eKJi632zxvNSiu+H5e+qf3lvGF/an1WkQgWKG3zyrRKGfsLJVz4+AX/vW48UIc/v ORzPS86pDA+twlfn7OYpC3srh1uFFKvVIbRYh01COY9BeF/5YbFqxlutMB0fWYLf +76MiYB47wko/8vitBK0eWcvRD7ybUXZsCNt2zZQl2RHvoFCBvWgLvb8EJyTvz6c am4PFmRggG970pMd/u9fOK4oCT5pZYRfedaTPK6BLufMIMMnAY229AU/EqqqGZQI eLhFjjN41g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArMhxj1jOmqD85JgHUIrm MzSgalHXX216QM09Ls++cOW6jMNQ27rNSKqem1wGTu7ZBJMmAOwh0aPYkqdVnJYn 3MM0PbOQNO23+Nw2bCuQ80+vbVdftJ2+QrLwnMXYjZ+dAwNIfhVVgDZFQjeft5zV I1qwaj+ddyoWuWJ8BLcS6mYhXOGip2abMSN8IrML8Cg8JF34g/H90xBlTJEUD7zN VxHXC4JSeXE9v6juQmb1yGCsOLVzOheErYR4QIljJd95go1+ZTAgQipxlp8smhBH NYtczE0e0t74hzXV8CVLDsNjRnqffsqIjti3diI4J7kba+zRLnxIBb40svbB6ee6 XYQVIzgJ3qP9ZZe0vpBOZN2Szu+P94S2Tjhw1zTFFnTL+RMe82LYOdCfGTle5GEh 3wg0nK+rDqvo7p7F//MEFViNU8eJ/38k/ffSHxw2Wy+swPDfqL/JPkRKbjPqsUca PmTADnvU6nbqQ4KYC/XqgBVO/VvbSZxvH6onFAWxjITYujaQ6dx1YRpM4CcpnFYI NYVCNh+qH7kl6gKQc72Fy6h3p5Nt0Vem7X2TPK1n1KU+bVkBxrXXuoIHvHS3iVd0 Mx0QoqAI4wUwMSpzXpX++gvV2l33h0Pg55JJbeY5bkgRMBX0HMm7b0VR5BHJBdIS +GS/pngaN8s47mKeC3rleocCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 31214245829416156904727630609426836330 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT Vereniging' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEANT OV RSA CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nordrhein-Westfalen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RWTH Aachen University' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cbmb.ukaachen.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 704893070783053638888201869673029066342683599799970699174248872156482875067705666253186263061151654553928427469835914152828121336431356443104977789356282788840210325112292044088419310980066895085663834486241439948748183837010858940541243671506939486711011950130374222416271354784928419429349455979149409189762767038164400451749913605359663997330966692639912583271053617983768331871154551401128778984581055744741145366250162522711755491418690605022715133843329699330261821751255657228966883037580829630241617943171160508456367089868380274005880178937205304944268329810864265097103086390994647043622565775651105715587707833734835569041768902018174582931763324874318340959156747965666673538587006873499398824716761270431599142390032135175383280386408897053501044527214232992539271484354984483077062466343434391627473730479681022252581642102282839988640009464625431316912747100944844810682254090568046208604217183739029307316603815041049576591100776955340122930591301826695056009870198571095903768153653224908372362441816637244252251011961794194363154239896265446762930614285346280808990524447682418877482908025420729538492740503866833249419644649540602168819195701899334284610756793609342340381383245286527479674156363453239496660056711 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6f1d3549106c32fa59a09ebc8ae81f95be717a0c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8b3409b600bca75e7ac3d9e291454115d07ce868 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.79 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.crt.sectigo.com/GEANTOVRSACA4.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://GEANT.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c62fa19f4000004030046304402201d4e7ac223111db254bdf8319b1ee7a8e2fe8158f9a16beeebd370e97f63d72b0220776c9c3e6626bdca240d041642eb4529679be3240defa1371bce886d1bc9f5c00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c62fa1a180000040300473045022100b5792311fa1fdf01fd521539d820a9f584b37bfdbb97548d3d84edfeca1905790220337909bcb10ef1958cd619d96370d04b09096becbc47c2675de229be1f254447007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c62fa1a210000040300473045022004bbd6ce92060cf7a8ccefe2d1c966e7d81b67b6ba23f00320e4b5422b5b4041022100ff035fe2ec27bddc87d18a0598733a13b5bd66e7f1334f1f27b11865e2dd5caa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cbmb.ukaachen.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cbmb.ukaachen.de' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00138383f60cc74fce24a9dc8734c3f5d2c05d4cb43c8ac160c3557fea1892c8afe6babfd64a84efd72a5710badfef9e24d135a9cf67b08bfa77062c5e3de1f0beac9f095289dfa9400fe69fef96d2f7586f97da8333d0ce00bda97f01ded8ee9fcccc4fc5bc3934280ea260643db4d2fdd199a2077167b0067b071a5c5242899a9a63866d8338652e2629eac3e22de7adbc11c79e4d31dadbc6901b14f9916b99245c1ca3b5d876589626b171532f9657fcd7106bc8f6c4d2e95a2b16de45ec98f0d591a8b98bbd76bc9029d2bdede62438ea660b74f67b36fc7bb12dfc512c730377966b3772d0559a434e9b98f13c8311ac23aa2deb8c90826a4cf0a69d25363c8671ec94fc7fa6bdc849be6db93f69ed93cf62b3c04162851ed77b4414252c5a191d3505336a794e761b328639e8bc63a2d900033c67561878a262eb7db3c6f3528aef87e5efaa7f796f185fda9f55a442058a1b7cf2ad12867ec2c9573e3e017fef5b8f1421cfef391ccf4bcea90c0fadc257e7ece6290b7b2b875b8514abd521b458874d42398f41785ff961b16ac65bad301d1f5982dffbbe8c898078ef0928ffcbe2b412b479672f443ef26d45d9b0236ddb3650976447be814206f5a02ef6fc109c93bf3e9c6a6e0f166460806f7bd2931dfeef5f38ae28093e6965845f79d6933cae812ee7cc20c327018db6f4053f12aaaa19940878b8458e3378d6