*.karlsruhe.de

Issued by AlphaSSL CA - SHA256 - G2

About this certificate

This digital certificate with serial number 77:e7:0e:dd:c5:84:5a:69:7b:2a:87:30 was issued on by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.karlsruhe.de,OU=Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa
Country: BE

This certificate has expire since

Certificate Details

Serial Number (hex): 77:e7:0e:dd:c5:84:5a:69:7b:2a:87:30
Serial Number (int): 37108048237164843113932031792
Serial Number lenght: 95 bits, 12 octets

SubjectKeyId: d8:4f:24:9e:30:93:8b:52:79:e7:a7:b2:97:aa:f4:3d:8b:28:96:e7
AuthorityKeyId: f5:cd:d5:3c:08:50:f9:6a:4f:3a:b7:97:da:56:83:e6:69:d2:68:f7

Fingerprint (sha1): fe:bc:48:0b:0d:ac:5d:3f:af:16:07:8c:aa:7f:1c:af:f8:75:aa:73
Fingerprint (sha256): 7b:7a:4b:9b:fe:ad:d6:a1:7b:37:0a:b6:db:8a:ff:0d:3e:40:bb:f5:ef:a1:cc:a5:9f:bb:78:a5:dd:12:09:0a

Issuing Certificate URL: http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsalphasha2g2
CRL Distribution Point: http://crl2.alphassl.com/gs/gsalphasha2g2.crl

Check the revocation status for certificate *.karlsruhe.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.karlsruhe.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.karlsruhe.de
karlsruhe.de

Other certificates including the domain name karlsruhe.de

(limited to 100 certificates)
m.karlsruhe.de
matrix-seg.karlsruhe.de
www1.karlsruhe.de
*.hhs.karlsruhe.de
presse.karlsruhe.de
matrix-seg.karlsruhe.de
lernfabrik.karlsruhe.de
www.carl-benz-schule.de
*.cbs.karlsruhe.de
moodle.cbs.karlsruhe.de
wettbewerbe.karlsruhe.de
www.carl-benz-schule.de
wes.karlsruhe.de
www.karlsruhe.de
www.karlsruhe.de
wes.karlsruhe.de
www.mgg.karlsruhe.de
owncloud.mgg.karlsruhe.de
ces.karlsruhe.de
*.hms.karlsruhe.de
web1.karlsruhe.de
*.karlsruhe.de
www.staatstheater.karlsruhe.de
www1.karlsruhe.de
dienste.karlsruhe.de
kita.karlsruhe.de
*.staatstheater.karlsruhe.de
wes.karlsruhe.de
mail2.karlsruhe.de
transparenz.karlsruhe.de
otv.karlsruhe.de
*.list.karlsruhe.de
hms.karlsruhe.de
moodle.cbs.karlsruhe.de
moodle.ess.karlsruhe.de
kita.karlsruhe.de
ces.karlsruhe.de
*.ces.karlsruhe.de
*.karlsruhe.de
*.staatstheater.karlsruhe.de
wes.karlsruhe.de
kita.karlsruhe.de
formulare.karlsruhe.de
bekrujzq.web.belwue.de
wes.karlsruhe.de
cloud.mgg.karlsruhe.de
www.karlsruhe.de
huebsch.karlsruhe.de
cloud.mgg.karlsruhe.de
kalender.karlsruhe.de
cloud.staatstheater.karlsruhe.de
groupwise.hhs.karlsruhe.de
*.karlsruhe.de
*.cbs.karlsruhe.de
filr.ces.karlsruhe.de
geodaten.karlsruhe.de
web1.karlsruhe.de
ess.karlsruhe.de
*.staatstheater.karlsruhe.de
lernfabrik.karlsruhe.de
lernfabrik.karlsruhe.de
matrix-seg.karlsruhe.de
opac.karlsruhe.de
wes.karlsruhe.de
otv.karlsruhe.de
cloud.mgg.karlsruhe.de
*.karlsruhe.de
rhin.karlsruhe.de
moodlex.hhs.karlsruhe.de
lernfabrik.karlsruhe.de
otv.karlsruhe.de
www.staatstheater.karlsruhe.de
moodle.hhs.karlsruhe.de
*.karlsruhe.de
web3.karlsruhe.de
wettbewerbe.karlsruhe.de
moodlex.hhs.karlsruhe.de
dienste.karlsruhe.de
*.hhs.karlsruhe.de
opac.karlsruhe.de
formulare.karlsruhe.de
moodle.ess.karlsruhe.de
wes.karlsruhe.de
lernfabrik.karlsruhe.de
as.staatstheater.karlsruhe.de
matrix-seg2.karlsruhe.de
dienste.karlsruhe.de
moodle.cbs.karlsruhe.de
opac.karlsruhe.de
matrix-mdm.karlsruhe.de
outlook.vbk-online.de
*.hms.karlsruhe.de
*.hhs.karlsruhe.de
wes.karlsruhe.de
kalender.karlsruhe.de
*.karlsruhe.de
*.hhs.karlsruhe.de
www.staatstheater.karlsruhe.de
heimstiftung.karlsruhe.de
formulare.karlsruhe.de

Certificate

The complete raw certificate details for *.karlsruhe.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgIMd+cO3cWEWml7KocwMA0GCSqGSIb3DQEBCwUAMEwxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlB
bHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcyMB4XDTE4MDExMTA5NDcwN1oXDTIwMDMw
NDEyMjUyMFowPDEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRcw
FQYDVQQDDA4qLmthcmxzcnVoZS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAKtmV/sOlLkoUYByRjeHNsXGauo9ADRv6+dbxiSYB87aKV8/Vnf/2hH5
dC+njJUy3v5OXGAGBpIR/Wcz/nT3+SmM9FMmW+y1AshIc1kOsDBUkGXzgPxastbf
k0MOAf3+KNhCQ92ezSpQ9g8DaMfii6O0tfYOei3NW7baLC9nLvzQOuBn8Wm86C+/
3DFY1r8xT7nkL6fjlPFWLUAU4bUjWsPBqcs20GDTYpmmFN6Be7dQy1eCRctVEmEr
JeD3FP/PjF7OLWzwlNgqgVizO0FfRxbkzDfB1KwlL7WsC5CcodqOZq8t0m/UqvD2
uVDsRUxsXegtglGZREv8pCfyH4d0i18CAwEAAaOCA8UwggPBMA4GA1UdDwEB/wQE
AwIFoDCBiQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJl
Mi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYB
BQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2FscGhhc2hhMmcy
MFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZodHRwczov
L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0T
BAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20v
Z3MvZ3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIOKi5rYXJsc3J1aGUuZGWC
DGthcmxzcnVoZS5kZTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
VR0OBBYEFNhPJJ4wk4tSeeenspeq9D2LKJbnMB8GA1UdIwQYMBaAFPXN1TwIUPlq
Tzq3l9pWg+Zp0mj3MIIB9QYKKwYBBAHWeQIEAgSCAeUEggHhAd8AdgDd6x0reg1P
piCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAWDknbSGAAAEAwBHMEUCIQDhDCPW
r3sd9HStfm74wr5Md32BrcMF/LCMWk3I+gfiTgIgE7ckKQyjvsU3C+2S7iQAXIo6
f+DWD7BqxZlCSS4P+z0AdQBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ
3QAAAWDknbT7AAAEAwBGMEQCIHPdSLg83jdeLtn3KGNC1n9F+jMxI6bOzWYIH7iT
C60zAiBASFj8c4qicotsPGOZ7GQlOZbfUCHZn0syyR0K6b1I4gB1ALvZ37wfinG1
k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABYOSduNEAAAQDAEYwRAIgfhZsK6BX
sjJnDA1mOirxj0zM8UTkB9seJ7IS2fBWQFMCIBmI0ykIZDUkQSTGqsu9t1UCalBh
ZbnoR3XkayvcZneYAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAA
AAFg5J23QwAABAMASDBGAiEAwA3NOqPDlkfluALkU+zqMZ4j1qx1Cm7RPb9KpBNO
qkkCIQDdATRUuweh2odEa4frXIQG1HKsKf5eF6KU6F9ORzEYjjANBgkqhkiG9w0B
AQsFAAOCAQEAGbWsP7dAkZTy8kuNutJzzTbn7dBG3+EAvIwUc5fBml15gQY947Zo
HAEr+bDyIitsZdCqiJ8SERqjbuLA8L9DSVoP+ADdulSzMfEv1WlIe99d9kAGaYKU
+9/7/pvr9vZHKiBmjkD3mxeNRbxNurzTkh+34aKWP0JaSP4HFF8lLznl+uG/VMHY
4sgU7g2X2mFRG3nXpvAVddiiIxsSJysa8oi/uJ5tWx8u5rEhrsIp6pXFfCfIkILf
1hekwzxmh/MnRDk/cupYtcn5o9xLK1np/qU3uGwekUbM0f1YICSOCLkRfuxstT69
AIjhI+xpBSguCEe0NA8aHmLBpWF4Ma/IkQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ZX+w6UuShRgHJGN4c2
xcZq6j0ANG/r51vGJJgHztopXz9Wd//aEfl0L6eMlTLe/k5cYAYGkhH9ZzP+dPf5
KYz0UyZb7LUCyEhzWQ6wMFSQZfOA/Fqy1t+TQw4B/f4o2EJD3Z7NKlD2DwNox+KL
o7S19g56Lc1bttosL2cu/NA64GfxabzoL7/cMVjWvzFPueQvp+OU8VYtQBThtSNa
w8GpyzbQYNNimaYU3oF7t1DLV4JFy1USYSsl4PcU/8+MXs4tbPCU2CqBWLM7QV9H
FuTMN8HUrCUvtawLkJyh2o5mry3Sb9Sq8Pa5UOxFTGxd6C2CUZlES/ykJ/Ifh3SL
XwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 37108048237164843113932031792
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AlphaSSL CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-11 09:47:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-04 12:25:20 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.karlsruhe.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21637217696080260631812452755104344816567141334370016372037161824214159095369346320658714454289051577987286457635343799005225110362873424836666447652058750702802093406139938319215590036061929300298868100750212845803347670774170398297885819799233167958004927237619844089991241893257922523333200743752904704891858934408974525730995075531085747373466757126847885366537288319216959390775506833431392248839275158781935515687643709017725456071399919988811589603238143519924689726285212603934663859653316991091054306893371045242494071994352686645038416983246661894468506423996128939484517485069887225742479832410766133463903
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (125 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsalphasha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10.10 (Domain Validation Certificates Policy - AlphaSSL)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.alphassl.com/gs/gsalphasha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.karlsruhe.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karlsruhe.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d84f249e30938b5279e7a7b297aaf43d8b2896e7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f5cdd53c0850f96a4f3ab797da5683e669d268f7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes)
							01df007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000160e49db4860000040300473045022100e10c23d6af7b1df474ad7e6ef8c2be4c777d81adc305fcb08c5a4dc8fa07e24e022013b724290ca3bec5370bed92ee24005c8a3a7fe0d60fb06ac59942492e0ffb3d0075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd00000160e49db4fb0000040300463044022073dd48b83cde375e2ed9f7286342d67f45fa333123a6cecd66081fb8930bad330220404858fc738aa2728b6c3c6399ec64253996df5021d99f4b32c91d0ae9bd48e2007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000160e49db8d1000004030046304402207e166c2ba057b232670c0d663a2af18f4cccf144e407db1e27b212d9f056405302201988d329086435244124c6aacbbdb755026a506165b9e84775e46b2bdc667798007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000160e49db7430000040300483046022100c00dcd3aa3c39647e5b802e453ecea319e23d6ac750a6ed13dbf4aa4134eaa49022100dd013454bb07a1da87446b87eb5c8406d472ac29fe5e17a294e85f4e4731188e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0019b5ac3fb7409194f2f24b8dbad273cd36e7edd046dfe100bc8c147397c19a5d7981063de3b6681c012bf9b0f2222b6c65d0aa889f12111aa36ee2c0f0bf43495a0ff800ddba54b331f12fd569487bdf5df64006698294fbdffbfe9bebf6f6472a20668e40f79b178d45bc4dbabcd3921fb7e1a2963f425a48fe07145f252f39e5fae1bf54c1d8e2c814ee0d97da61511b79d7a6f01575d8a2231b12272b1af288bfb89e6d5b1f2ee6b121aec229ea95c57c27c89082dfd617a4c33c6687f32744393f72ea58b5c9f9a3dc4b2b59e9fea537b86c1e9146ccd1fd5820248e08b9117eec6cb53ebd0088e123ec6905282e0847b4340f1a1e62c1a5617831afc891