*.gfn.de

Issued by Sectigo RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number 3f:e4:99:f7:33:66:0c:5a:31:c5:7e:16:58:bc:c3:98 was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.gfn.de

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): 3f:e4:99:f7:33:66:0c:5a:31:c5:7e:16:58:bc:c3:98
Serial Number (int): 84928330212128244687791510558626071448
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: b7:e2:54:a2:e9:7d:44:72:42:ca:71:aa:d4:55:27:07:d8:b3:0b:d5
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (sha1): ee:7f:10:ab:6b:9e:5d:b6:da:49:41:7c:fd:2c:dd:4e:d3:bd:2d:c4
Fingerprint (sha256): 71:91:e2:d1:b7:76:66:15:15:a9:73:cb:b1:0b:f4:6d:3c:50:2b:18:c8:f6:bd:43:b1:b5:13:05:d1:b0:ef:35

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate *.gfn.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.gfn.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.gfn.de
gfn.de

Other certificates including the domain name gfn.de

(limited to 100 certificates)
*.gfn.de
www.mercedcapital.com
flexicon.space
d-pro.monsuivilogement.fr
www.bemote.works
old.hugo.eynard-home.fr
*.gfn.de
emails.webcat.app
jrguimarae.online
earthtimelines.com
leadin-preview.gfn.de
www.blacksapphiregoa.com
stevensonprice.com
4leaf.co.in
mail.gfn.de
smart.nilsh.ch
codemiro.com
www.windowtising.com
*.gfn.de
www.woodofmetal.com
qa-m.dlg1.app
asvntech.com
cancom-akademie.gfn.de
*.gfn.de
*.gfn.de
tallogsymboler.no
cancom-akademie.gfn.de
www.docode.se
seo3.gfn.de
swarm.work
www.gianhomes.ca
demo.medconference.com.br
hedonism.pl
www.igloo.property
lernplattform.gfn.de
dspot.studio
smart.nilsh.ch
qa-m.dlg1.app
sodexo.seguimiento.rayoapp.com
seo.gfn.de

Certificate

The complete raw certificate details for *.gfn.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHIDCCBgigAwIBAgIQP+SZ9zNmDFoxxX4WWLzDmDANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
MB4XDTIzMTAyMzAwMDAwMFoXDTI0MTEwNTIzNTk1OVowEzERMA8GA1UEAwwIKi5n
Zm4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQChozf/1fY+tXdK
y6eUEcWoCY5ieEPPLczUcIMGkActYBhQ/hYRq90cCIeM86s+RaCbvE94lEbWUhfS
UeRPxc1LCkGjNctQJfVmrucsgF+tLrXlAN8LAHQW6Tk8Xcbb9Gr+hKtj4WcdwlkK
Nmb+6cMn+huAaVVfIZVkjhrqFpc9HxKOgplmGVcNSlbeOlvd+YWameoJfWHz2A3A
tdX9MQncavZUASi/4hHAsy615PnoqAWarwLjHTfryL+OIkvbhD9JyPTqq6zfrcNy
YojVdMcJGRAj262WENu3QWUDGjjOoSwWS+naDTnCLdWOlVdkBZICaKsDNzMtHsx4
7wnr/Q9e1NkhInKDvGq6J0aaBNr1YTZBkoO66DNVTpFfyLigTQYnXNmAjbwAdzto
z07Sl4nVNBqmOYnw81113FUDOrisHk4RiEhZ6MJVMIrKesOHVrZmWS8SlS9uhtJg
Y1NqXIidGimczQLNRgiB9rgSAqXOLfn9sz4c4y0/1Toq53Ip+0MR+JGuHkMfrPPD
fgCS+mAya1l0F9iLPkZP8u//9yzNN+YRIfea/wPI1dwxVRzcTa1CKZbpZXxH6kSx
UqGYca3VMhIaJoU3GEab/1j6/rd4VIl7SyRzOJXAcwCEinHV5GU4lUubehXPO+i6
gk2y61tE2pkvhvYV+yiTcx7iKYDumQIDAQABo4IC8TCCAu0wHwYDVR0jBBgwFoAU
jYxexFStiuF36Zv5mwXhuAGNYeEwHQYDVR0OBBYEFLfiVKLpfURyQspxqtRVJwfY
swvVMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgIHMCUwIwYI
KwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBhAYI
KwYBBQUHAQEEeDB2ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LnNlY3RpZ28uY29t
L1NlY3RpZ29SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMG
CCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTAbBgNVHREEFDASgggq
Lmdmbi5kZYIGZ2ZuLmRlMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQB2/4g/
Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYtcZcpaAAAEAwBGMEQCIDF0
dC7cYbMWM7kaxzJV/3I2lS/Sj0BTA6l7Q7TWuJBpAiA5LN47lHgleYsolGDzvZk8
SMM4qH3DrnFa8Fm2C8h/FAB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI
1/urAAABi1xlyp0AAAQDAEYwRAIgVFjTqUTsrCEs1f8EFbG6oAklVMqAU6qEc54U
Aau8GsECIFLwa5Uf5rrTNetaLMX23eJC3hMcWlXV4ES7u9vdKEjeAHcA7s3QZNXb
Gs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLXGXKzQAABAMASDBGAiEAxGFb
9D1DiMw+xO70P4V0D5gAzhZ1WGTLT4dEXyIg0t4CIQDN4jU3gpHAgjXunfuSi/f7
HuhzXOHoH3+Px+FZF2ay2zANBgkqhkiG9w0BAQsFAAOCAQEAU+aSpFnBtbP3Pd3P
Nql69eDtQwHbzTNtoZ9NxaIulbtbssO1CVUgjHJPajelHvPxI5Fnjv9UsL5KCr/c
W+komXxOaNap2/B7n+NMkvqfoKwWJnioOFfeCVWqGM+F0MInPlN1UDtc9VedzJcU
PqrbN9KVrfm+V4ZDSx/VN3F9+bAB96bmGyqZPhUyskxfKRxISC5Aa6lm9+igxEAn
9Q9l0IElYAjAglgGFrrlqqZlEuKi/gN10M+BfKjvtNJSv/KhS3ig2rgLCeyYbsin
7X7gq99Hmx1YhWiW2oYBtR+OsCA8f23GuMJbWr4rwhtzxHiA/8f1ULmG9lyvu9qa
pH8UVg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoaM3/9X2PrV3SsunlBHF
qAmOYnhDzy3M1HCDBpAHLWAYUP4WEavdHAiHjPOrPkWgm7xPeJRG1lIX0lHkT8XN
SwpBozXLUCX1Zq7nLIBfrS615QDfCwB0Fuk5PF3G2/Rq/oSrY+FnHcJZCjZm/unD
J/obgGlVXyGVZI4a6haXPR8SjoKZZhlXDUpW3jpb3fmFmpnqCX1h89gNwLXV/TEJ
3Gr2VAEov+IRwLMuteT56KgFmq8C4x0368i/jiJL24Q/Scj06qus363DcmKI1XTH
CRkQI9utlhDbt0FlAxo4zqEsFkvp2g05wi3VjpVXZAWSAmirAzczLR7MeO8J6/0P
XtTZISJyg7xquidGmgTa9WE2QZKDuugzVU6RX8i4oE0GJ1zZgI28AHc7aM9O0peJ
1TQapjmJ8PNdddxVAzq4rB5OEYhIWejCVTCKynrDh1a2ZlkvEpUvbobSYGNTalyI
nRopnM0CzUYIgfa4EgKlzi35/bM+HOMtP9U6KudyKftDEfiRrh5DH6zzw34Akvpg
MmtZdBfYiz5GT/Lv//cszTfmESH3mv8DyNXcMVUc3E2tQimW6WV8R+pEsVKhmHGt
1TISGiaFNxhGm/9Y+v63eFSJe0skcziVwHMAhIpx1eRlOJVLm3oVzzvouoJNsutb
RNqZL4b2Ffsok3Me4imA7pkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 84928330212128244687791510558626071448
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.gfn.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 659423766806728464069239920482082192913655507526843263940859625089165110311197822831838350094178193836961948390250307772442233702792165816171459326053319852834927549400428797829007971644683332660001882709400090709877346092838563977278125092285045024487072546773272048309891889207819984712792979690537836801040883426377026858151488863430637849634025830081441961318887195977553696516946403335588570731468516966050657192350161899389702829279738613233777790976823250632766450516702690276810376466254468540219335432279576221680487463811758058697996510813490079532829070145518453297512484936214620135761111845226199599395601645299670357927168410253176464596481576127425578076076490424309845227619786963232796313451711765961958901334390063319722188477009633847027008605017178368594449323210602832467758869251664268199559218634732088834780700385390296211795230816114254039875444365859002096798608773160547165542872711036159913650168853206244876111865368747428342336149595285360957059891158481773066103406086560838786631051498850430094466423090268051076089370983679611779623168997235313840489533275954857502564802744280650872386581706851627969065567838702217682693030543528227830589271310290110455780252725408054359061156023957349688837992089
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b7e254a2e97d447242ca71aad4552707d8b30bd5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gfn.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gfn.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b5c65ca5a000004030046304402203174742edc61b31633b91ac73255ff7236952fd28f405303a97b43b4d6b890690220392cde3b947825798b289460f3bd993c48c338a87dc3ae715af059b60bc87f14007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b5c65ca9d000004030046304402205458d3a944ecac212cd5ff0415b1baa0092554ca8053aa84739e1401abbc1ac1022052f06b951fe6bad335eb5a2cc5f6dde242de131c5a55d5e044bbbbdbdd2848de007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b5c65cacd0000040300483046022100c4615bf43d4388cc3ec4eef43f85740f9800ce16755864cb4f87445f2220d2de022100cde235378291c08235ee9dfb928bf7fb1ee8735ce1e81f7f8fc7e1591766b2db
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0053e692a459c1b5b3f73dddcf36a97af5e0ed4301dbcd336da19f4dc5a22e95bb5bb2c3b50955208c724f6a37a51ef3f12391678eff54b0be4a0abfdc5be928997c4e68d6a9dbf07b9fe34c92fa9fa0ac162678a83857de0955aa18cf85d0c2273e5375503b5cf5579dcc97143eaadb37d295adf9be5786434b1fd537717df9b001f7a6e61b2a993e1532b24c5f291c48482e406ba966f7e8a0c44027f50f65d081256008c082580616bae5aaa66512e2a2fe0375d0cf817ca8efb4d252bff2a14b78a0dab80b09ec986ec8a7ed7ee0abdf479b1d58856896da8601b51f8eb0203c7f6dc6b8c25b5abe2bc21b73c47880ffc7f550b986f65cafbbda9aa47f1456