*.shan02.han.tib.eu

- Leibniz Universitaet Hannover -

Issued by DFN-Verein Global Issuing CA

About this certificate

This digital certificate with serial number 21:3d:9b:37:7f:d7:54:51:c3:c0:e9:83 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Leibniz Universitaet Hannover

Organization: Leibniz Universitaet Hannover
Organization unit: Projekt TIB EDV
State / Province: Niedersachsen
Locality: Hannover
Country: DE

Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.

Organization: Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Country: DE

This certificate has expire since

Certificate Details

Serial Number (hex): 21:3d:9b:37:7f:d7:54:51:c3:c0:e9:83
Serial Number (int): 10287482789688572769571236227
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: b2:ee:7e:2d:4f:f1:08:bc:97:8c:b0:0c:fd:b3:60:20:45:ac:46:44
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74

Fingerprint (sha1): 74:51:c7:c3:48:17:5a:22:93:41:d0:ca:73:77:23:a6:65:ec:6d:41
Fingerprint (sha256): 6d:06:63:47:9f:6d:1d:1e:34:62:8e:84:95:ea:c1:89:da:37:0c:96:1e:59:c9:1e:d7:67:5a:b4:65:d3:b4:b5

Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt

Revocation information

OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl

Check the revocation status for certificate *.shan02.han.tib.eu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.shan02.han.tib.eu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.shan02.han.tib.eu

Other certificates including the domain name tib.eu

(limited to 100 certificates)
mybib11.test.docdel.tib.eu
tib.eu
tib.eu
gitintra.rz.tib.eu
msxmail.mtest.tib.eu
admin.tib.eu
news.tib.eu
imap.admin.tib.eu
rdgw01.rds.tib.eu
lbst.tib.eu
tib.eu
tib.eu
git.tib.eu
git.tib.eu
vhlbs.tib.eu
msxmail.mtest.tib.eu
opac.tib.eu
opact.tib.eu
mybib11.test.docdel.tib.eu
scbp01.rds.tib.eu
tib.eu
scbp01.rds.tib.eu
news.tib.eu
tib.eu
git.tib.eu
imap.tib.eu
opac.tib.eu
mailgate.tib.eu
mybib01.develop.docdel.tib.eu
mybib01.develop.docdel.tib.eu
nscale-prod.tib.eu
nscale-prod.tib.eu
news.tib.eu
checkmk.admin.tib.eu
*.av.tib.eu
news.tib.eu
*.labs.tib.eu
*.projects.tib.eu
news.tib.eu
av.tib.eu
tib.eu
*.shan01.han.tib.eu
bibcontrol.tib.eu
xmpp.rrzn.uni-hannover.de
ssollw01.tib.eu
news.tib.eu
*.SHAN02.HAN.TIB.EU
tib.eu
primion.tib.eu
admin.tib.eu
docdel.tib.eu
tib.eu
msxmail.tib.eu
mybib21.docdel.tib.eu
tib.eu
tib.eu
mailgate.tib.eu
*.develop.tib.eu
waswenn.tib.eu
vhlbs.tib.eu
mailgate.tib.eu
*.shan02.han.tib.eu
tib.eu
tib.eu
tib.eu
tib.eu
tib.eu
gitintra.rz.tib.eu
office.tib.eu
*.fid-move.tib.eu
opact.tib.eu
*.shan01.han.tib.eu
*.shan01.han.tib.eu
xmpp.rrzn.uni-hannover.de
*.projects.tib.eu
opac.tib.eu
rdgw01.rds.tib.eu
opac.tib.eu
edocs.tib.eu
*.av.tib.eu
scbp01.rds.tib.eu
news.tib.eu
*.shan01.han.tib.eu
av.tib.eu
ssollw02.tib.eu
tib.eu
tib.eu
*.develop.tib.eu
tib.eu
rdgw01.rds.tib.eu
tib.eu
news.tib.eu
lbst.tib.eu
checkmk.admin.tib.eu
tib.eu
*.shan02.han.tib.eu
msxmail.tib.eu
sqpilotra01.tib.eu
tib.eu
tib.eu

Certificate

The complete raw certificate details for *.shan02.han.tib.eu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJdjCCCF6gAwIBAgIMIT2bN3/XVFHDwOmDMA0GCSqGSIb3DQEBCwUAMIGNMQsw
CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t
UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTE5
MDcwNDE1MzkyNVoXDTIxMTAwNTE1MzkyNVowgZgxCzAJBgNVBAYTAkRFMRYwFAYD
VQQIDA1OaWVkZXJzYWNoc2VuMREwDwYDVQQHDAhIYW5ub3ZlcjEmMCQGA1UECgwd
TGVpYm5peiBVbml2ZXJzaXRhZXQgSGFubm92ZXIxGDAWBgNVBAsMD1Byb2pla3Qg
VElCIEVEVjEcMBoGA1UEAwwTKi5zaGFuMDIuaGFuLnRpYi5ldTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANdmCDWVxiqkEpLQw2IMDTDQdyihDso7uv76
adf3v+YLM3PPoh1Ooqh975z3TVrQn2Rfk+vYcdaM4claeY0lAuKxozHu4+OKdpH1
+6wl4e/UqWJb+M6YJAZKv5u3Ahai1nL+HX9Gfi9ObVQBCOIzGMeWdBAkD8Dqj3a+
St7q2A+DQ6ypubbuVBEeJZ5Ntc8CIO/88lOVWxzCf6TfS8+e8LvqaLbpQ1x04TR0
aROW5LbhCKsEYmAuA4raFEdb4pVvY7DGMgOxcmatedtVfnNcRUsRSmMc5PkMj9N2
27LsXic/29PhzyXdJiZezNP13yGfFDEtYX9TdaJG9TpEr8FqptECAwEAAaOCBccw
ggXDMFcGA1UdIARQME4wCAYGZ4EMAQICMA0GCysGAQQBga0hgiweMA8GDSsGAQQB
ga0hgiwBAQQwEAYOKwYBBAGBrSGCLAEBBAQwEAYOKwYBBAGBrSGCLAIBBAQwCQYD
VR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
AQUFBwMBMB0GA1UdDgQWBBSy7n4tT/EIvJeMsAz9s2AgRaxGRDAfBgNVHSMEGDAW
gBRrOpiL+fJTidrgrbIyHgkf6Ko7dDAeBgNVHREEFzAVghMqLnNoYW4wMi5oYW4u
dGliLmV1MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9jZHAxLnBjYS5kZm4u
ZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3JsL2NhY3JsLmNybDA/oD2gO4Y5aHR0
cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jcmwvY2Fj
cmwuY3JsMIHbBggrBgEFBQcBAQSBzjCByzAzBggrBgEFBQcwAYYnaHR0cDovL29j
c3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZlci9PQ1NQMEkGCCsGAQUFBzAChj1odHRw
Oi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NhY2VydC9j
YWNlcnQuY3J0MEkGCCsGAQUFBzAChj1odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2Rm
bi1jYS1nbG9iYWwtZzIvcHViL2NhY2VydC9jYWNlcnQuY3J0MIIDXgYKKwYBBAHW
eQIEAgSCA04EggNKA0gAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZ
EwAAAWu9o/iMAAAEAwBGMEQCIFXYgSk/WcoHiB4qIFxw860cmbmgUoomofKBHTQU
291mAiAKkd3r5G7pLSVLvy03pveYva9UbymNHQgFGQ55Qc7qawB3AFWB1MIWkDYB
SuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABa72j+YgAAAQDAEgwRgIhAJF7BiGQ
Nn09AZx3lsoS81WbPvXLhSDgt0cVQsb3XspUAiEAyGSz/VN6p9124zMor4pKIDrL
ea/DGwQipM1816pdhT0AdwCq5wt/PLjVZshsLxaXnJ9EX2mrDrRTVYmy93oDAQTz
zQAAAWu9o/vxAAAEAwBIMEYCIQCznKLfRig79SksyOb0rkIKK5ZWe/vycDHXDFWt
Dn6GFwIhAIorRzCFnQc0GiankMCrfxjFJRdhyfkeKk3NsLDHBuW+AHYApLkJkLQY
WBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFrvaP6PAAABAMARzBFAiEA8JJ0
CTyfwWoaH31UhxUueo60Fldsv+8m/yLLeOGRevQCIA729zSOXL7OB4hvENhPIYxT
K89nhMcBM/XoO5wy4QnuAHUA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo
/csAAAFrvaP6QAAABAMARjBEAiBktIP3kEEHt0+RKo61CLm22EcgFn7cE3Tzhm+i
h1ZekQIgJhFok5TQlS/rJ9iyR9Yjj5eM3Q2kVIQaBUFzhiAo3AUAdgC72d+8H4px
tZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWu9o/o4AAAEAwBHMEUCICz/n5Wi
rPRpWq9iHVX7LXyfq2U9uqN7BzRHRx1320UwAiEA0CkDQlOU3zqpDybBKMxNay3l
o40lyYuG8ANxwNdfS4QAdgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaB
qAAAAWu9o/8CAAAEAwBHMEUCIGy2pkydG5tnUmiJf6iTrAG0TempMEieemppobjz
YORyAiEAxmhK6RR9ZZKP1OYJacHiCrPYA5bXJG2YZFp71O4aklAwDQYJKoZIhvcN
AQELBQADggEBAINUCDpf7/ml1aRlPuu5XrnOBlkw96xHVqeL3QmM5V/lTdO4Gcz8
iQXGj4xFeHwVj3cap0J+zZGX733Ffo93CrJXP8Mdce9uWmvoiMZUsWFXQPvfALcq
EFRcodpFN/pDDjUqmQ/kdHsCXp7iJ659QttxUvIVGoycudPwuFO7h2mF21Bkw7H5
QY6VLcP6lhrCKagUkXqs0MwhdahVhsfyr/RhIxZ0Mb5VKP23M70ESJnxmRdwxb7e
X8gFPa72xbb3KgW/CrqfEe+UDwR8UknflIcEJitHd1eFNfKA43zMA+ujGu5qQBZK
26qBheavXKOnVjmPDr4/BCEeKG1/LEqPsrQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12YINZXGKqQSktDDYgwN
MNB3KKEOyju6/vpp1/e/5gszc8+iHU6iqH3vnPdNWtCfZF+T69hx1ozhyVp5jSUC
4rGjMe7j44p2kfX7rCXh79SpYlv4zpgkBkq/m7cCFqLWcv4df0Z+L05tVAEI4jMY
x5Z0ECQPwOqPdr5K3urYD4NDrKm5tu5UER4lnk21zwIg7/zyU5VbHMJ/pN9Lz57w
u+potulDXHThNHRpE5bktuEIqwRiYC4DitoUR1vilW9jsMYyA7FyZq1521V+c1xF
SxFKYxzk+QyP03bbsuxeJz/b0+HPJd0mJl7M0/XfIZ8UMS1hf1N1okb1OkSvwWqm
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10287482789688572769571236227
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-04 15:39:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-05 15:39:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Niedersachsen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Hannover'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Leibniz Universitaet Hannover'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Projekt TIB EDV'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.shan02.han.tib.eu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27191549455481670483993382723098048053722871721388063416118185997389899174544110448275806561511445946313007843275630895463747948091096650540366077955053155888379747862178149075677770650798680976730807259835531700337858427521709971466920827773995606907898367248736367055506616526394394277666290633747921448132292163992696794518840457611351933660500698786580188100529433769737434809110731625798930837148379036877398554645422151830108112722213644817094277993021670400307444327602406229550132672390584018389279613974607869881676561386833759825942958180995497679933374639100104368185132728580258314111669755951238791997137
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b2ee7e2d4ff108bc978cb00cfdb3602045ac4644
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shan02.han.tib.eu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (846 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (842 bytes)
							03480075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016bbda3f88c0000040300463044022055d881293f59ca07881e2a205c70f3ad1c99b9a0528a26a1f2811d3414dbdd6602200a91ddebe46ee92d254bbf2d37a6f798bdaf546f298d1d0805190e7941ceea6b0077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016bbda3f9880000040300483046022100917b062190367d3d019c7796ca12f3559b3ef5cb8520e0b7471542c6f75eca54022100c864b3fd537aa7dd76e33328af8a4a203acb79afc31b0422a4cd7cd7aa5d853d007700aae70b7f3cb8d566c86c2f16979c9f445f69ab0eb4535589b2f77a030104f3cd0000016bbda3fbf10000040300483046022100b39ca2df46283bf5292cc8e6f4ae420a2b96567bfbf27031d70c55ad0e7e86170221008a2b4730859d07341a26a790c0ab7f18c5251761c9f91e2a4dcdb0b0c706e5be007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016bbda3fa3c0000040300473045022100f09274093c9fc16a1a1f7d5487152e7a8eb416576cbfef26ff22cb78e1917af402200ef6f7348e5cbece07886f10d84f218c532bcf6784c70133f5e83b9c32e109ee007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016bbda3fa400000040300463044022064b483f7904107b74f912a8eb508b9b6d84720167edc1374f3866fa287565e9102202611689394d0952feb27d8b247d6238f978cdd0da454841a054173862028dc05007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016bbda3fa38000004030047304502202cff9f95a2acf4695aaf621d55fb2d7c9fab653dbaa37b073447471d77db4530022100d02903425394df3aa90f26c128cc4d6b2de5a38d25c98b86f00371c0d75f4b840076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016bbda3ff02000004030047304502206cb6a64c9d1b9b675268897fa893ac01b44de9a930489e7a6a69a1b8f360e472022100c6684ae9147d65928fd4e60969c1e20ab3d80396d7246d98645a7bd4ee1a9250
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008354083a5feff9a5d5a4653eebb95eb9ce065930f7ac4756a78bdd098ce55fe54dd3b819ccfc8905c68f8c45787c158f771aa7427ecd9197ef7dc57e8f770ab2573fc31d71ef6e5a6be888c654b1615740fbdf00b72a10545ca1da4537fa430e352a990fe4747b025e9ee227ae7d42db7152f2151a8c9cb9d3f0b853bb876985db5064c3b1f9418e952dc3fa961ac229a814917aacd0cc2175a85586c7f2aff46123167431be5528fdb733bd044899f1991770c5bede5fc8053daef6c5b6f72a05bf0aba9f11ef940f047c5249df948704262b4777578535f280e37ccc03eba31aee6a40164adbaa8185e6af5ca3a756398f0ebe3f04211e286d7f2c4a8fb2b4