ameportal.aldi-sued.com

- ALDI International Services GmbH & Co. oHG -

Issued by Trusted Secure Certificate Authority 5

About this certificate

This digital certificate with serial number 8d:73:09:05:59:53:9e:cf:ae:73:76:9a:bc:f6:2c:68 was issued on by Corporation Service Company.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

ALDI International Services GmbH & Co. oHG

Organization: ALDI International Services GmbH & Co. oHG
Organization unit: International Information Technology
Organization unit: Enterprise SSL
Address: Mintarder Strasse 36-40
Postal code: 45481
State / Province: Nordrhein-Westfalen
Locality: Muelheim an der Ruhr
Country: DE

Corporation Service Company

Organization: Corporation Service Company
State / Province: DE
Locality: Wilmington
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 8d:73:09:05:59:53:9e:cf:ae:73:76:9a:bc:f6:2c:68
Serial Number (int): 188018444509877145375151869462085774440
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: fa:78:c5:a9:7b:b3:a2:b2:fe:33:45:df:f7:0e:a4:51:a0:ae:2d:9e
AuthorityKeyId: f2:bb:55:ee:fc:8f:cf:d0:3f:14:68:1a:95:7e:79:0e:ab:17:30:f4

Fingerprint (sha1): 3a:14:60:10:9d:ec:27:15:4d:bc:65:ae:86:dc:8c:de:9a:01:89:8c
Fingerprint (sha256): 8d:b3:37:d9:78:1d:5a:9d:d2:0a:79:8f:83:3e:10:0b:a2:f1:79:4e:31:7b:75:d6:e9:2b:0c:aa:c4:95:dd:5e

Issuing Certificate URL: http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl

Check the revocation status for certificate ameportal.aldi-sued.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ameportal.aldi-sued.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ameportal.aldi-sued.com
www.ameportal.aldi-sued.com

Other certificates including the domain name aldi-sued.com

(limited to 100 certificates)
www.aldi-sued.com
fvs.aldi-sued.com
yourls.k8s-prod.aldi-sued.com
karriere.hofer.at
karriere.hofer.at
videoconference.aldi-sued.com
clarity-dev.aldi-sued.com
mgate02.aldi-sued.com
snow2solman-dev.aldi-sued.com
*.qa.aldi-sued.com
cms806.aldi-sued.com
eid.prod.aldi-sued.com
stsl01.aldi-sued.com
eid.prod.aldi-sued.com
ameportal.aldi-sued.com
cms.aldi-sued.com
testextranet.aldi-sued.com
www.aldi-sued.com
cms807.aldi-sued.com
webinterface-test-ptp.aldi-sued.com
ame.aldi-sued.com
karriere.hofer.at
www.aldi-sued.com
mgate02.aldi-sued.com
www.aldi-sued.com
www.aldi-sued.com
gitlab.k8s-gitlab-test.aldi-sued.com
sft.aldi-sued.com
innovation.aldi-sued.com
karriere.hofer.at
snow2solman-prod.aldi-sued.com
cms806.aldi-sued.com
www.aldi-sued.de
webinterface-ptp.aldi-sued.com
gateway-test.aldi-sued.com
www.aldi-sued.com
mia2.aldi-sued.com
sft.aldi-sued.com
cms-test.aldi-sued.com
www.aldi-sued.com
redmine.aldi-sued.com
stsl01.aldi-sued.com
gateway-test.aldi-sued.com
cms806.aldi-sued.com
mia2.aldi-sued.com
clarity-dev.aldi-sued.com
www.aldi-sued.com
eid.prod.aldi-sued.com
extranet.aldi-sued.com
www.aldi-sued.de
www.aldi-sued.com
confluence.aldi-sued.com
ame.aldi-sued.com
cr-report.aldi-sued.com
www.aldi-sued.com
*.qa.aldi-sued.com
redmine.aldi-sued.com
www.aldi-sued.com
snow2solman-test.aldi-sued.com
www.aldi-sued.com
webmail.aldi-sued.com
clarity.aldi-sued.com
snow2solman-prod.aldi-sued.com
www.aldi-sued.com
sft.aldi-sued.com
cms-test.aldi-sued.com
www.aldi-sued.com
webinterface-test-ptp.aldi-sued.com
videoconference.aldi-sued.com
ameportal.aldi-sued.com
ameportal.aldi-sued.com
eid.qa2.aldi-sued.com
www.aldi-sued.com
www.aldi-sued.com
www.aldi-sued.com
wayback.aldi-sued.com
workspace.aldi-sued.com
karriere.hofer.at
karriere.hofer.at
webmail.aldi-sued.com
cms805.aldi-sued.com
securemail.aldi-sued.com
extranet.aldi-sued.com
www.aldi-sued.com
mgate02.aldi-sued.com
ame.aldi-sued.com
securemail.aldi-sued.com
gateway-test.aldi-sued.com
cms806.aldi-sued.com
*.qa.aldi-sued.com
clarity.aldi-sued.com
redmine.aldi-sued.com
stsl01.aldi-sued.com
redmine.aldi-sued.com
www.aldi-sued.com
wstat.aldi-sued.com
workspace.aldi-sued.com
smasa-mock.k8s-prod02.aldi-sued.com
stsl02.aldi-sued.com
gateway-test.aldi-sued.com

Certificate

The complete raw certificate details for ameportal.aldi-sued.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHmTCCBoGgAwIBAgIRAI1zCQVZU57PrnN2mrz2LGgwDQYJKoZIhvcNAQELBQAw
gYYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJERTETMBEGA1UEBxMKV2lsbWluZ3Rv
bjEkMCIGA1UEChMbQ29ycG9yYXRpb24gU2VydmljZSBDb21wYW55MS8wLQYDVQQD
EyZUcnVzdGVkIFNlY3VyZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgNTAeFw0xODA2
MDgwMDAwMDBaFw0yMDA2MDcyMzU5NTlaMIIBGzELMAkGA1UEBhMCREUxDjAMBgNV
BBETBTQ1NDgxMRwwGgYDVQQIExNOb3JkcmhlaW4tV2VzdGZhbGVuMR0wGwYDVQQH
ExRNdWVsaGVpbSBhbiBkZXIgUnVocjEgMB4GA1UECRMXTWludGFyZGVyIFN0cmFz
c2UgMzYtNDAxMzAxBgNVBAoMKkFMREkgSW50ZXJuYXRpb25hbCBTZXJ2aWNlcyBH
bWJIICYgQ28uIG9IRzEtMCsGA1UECxMkSW50ZXJuYXRpb25hbCBJbmZvcm1hdGlv
biBUZWNobm9sb2d5MRcwFQYDVQQLEw5FbnRlcnByaXNlIFNTTDEgMB4GA1UEAxMX
YW1lcG9ydGFsLmFsZGktc3VlZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCygwedyYEqHiDyheH3cMIeUWzzOUGxb2/D22Qf/b00BA9CEs8LB5BH
bHvbKBweNp5oqSkV44fIWiBNDX537G6cU1RLFn/s/Hh+UJ0dSmZYrJLVXNWxSrX4
9A9o1nGqQo6ZLnYpZcZivwnZr9BTmP7rGE9xcGpmSqMNPbV8JG+Qo/pT2Eo3OMiv
rnb0mBEbOpFvkwHNtY+UXcuOH/7JPpu4bbl99fOvqDEdQlQcV2xhiUj01dfO4f/E
IMVEOKGnjgCmR0Fh16dqiKcrvFWkAvvQwMvChhh2FJNP+o7guJUTpAa2k4D8V45C
R4yXDmojCRrosbBcOrJ8BlTST6XcRBj7AgMBAAGjggNoMIIDZDAfBgNVHSMEGDAW
gBTyu1Xu/I/P0D8UaBqVfnkOqxcw9DAdBgNVHQ4EFgQU+njFqXuzorL+M0Xf9w6k
UaCuLZ4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMEsGA1UdIAREMEIwNgYLKwYBBAGyMQECAggwJzAl
BggrBgEFBQcCARYZaHR0cHM6Ly9jcHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgIw
UAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1RydXN0
ZWRTZWN1cmVDZXJ0aWZpY2F0ZUF1dGhvcml0eTUuY3JsMIGCBggrBgEFBQcBAQR2
MHQwSwYIKwYBBQUHMAKGP2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9UcnVzdGVk
U2VjdXJlQ2VydGlmaWNhdGVBdXRob3JpdHk1LmNydDAlBggrBgEFBQcwAYYZaHR0
cDovL29jc3AudXNlcnRydXN0LmNvbTA/BgNVHREEODA2ghdhbWVwb3J0YWwuYWxk
aS1zdWVkLmNvbYIbd3d3LmFtZXBvcnRhbC5hbGRpLXN1ZWQuY29tMIIBfgYKKwYB
BAHWeQIEAgSCAW4EggFqAWgAdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJ
eqj9ywAAAWPerlX4AAAEAwBHMEUCIEOy3IGFAVmN+dG3MrZ198cXDwblSO9tyI3E
F9LrDUmXAiEA/ZbA+UwVB96snQs1wK+iLx51DIYhxRb9B1ad6XVHt+YAdgBep3P5
31bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAWPerlY0AAAEAwBHMEUCIQCZ
Z5G5J4dIntkZSKjdH4N58vc7nQ7KJcGkGoU9p0Z/MwIgDUGFwGz+s+zKI+9mSISD
O8KE/rUSyWJ+AJFrwAlMkqUAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6od
BxPTDAAAAWPerlZkAAAEAwBHMEUCIQCBTSusnmhY9kjytmlDRz/Q+Zu32FveS9qJ
A+a41yR9CQIgcqpCoL4hTaHC3CwbNORALeU+knwCAOcIlb+KF/TR7MkwDQYJKoZI
hvcNAQELBQADggEBAIk3+SkhARaXMpUObIY8e/X60xTulYRL9jY/ln5Hybp8hwSO
sK+kWR27ztAXdBQcsj+zo6KAE20tTSHi0Hby+dV0/3zl/yzvAnDAuGc8EcnYFDFT
0U3r8Tuu+S7tA8jpoJZnkGF4NGTb+oOYCfc/QTI5ET0KbgxVmfbVTlptu71Z3yoj
QzVbXAFvmTvz0aPBomfP3xc1mjEBytpFxKM2WwEx8RrBs1lOSdVISowZN1//owSO
t6arQWWLSOHCtGKBJYnxAq/4CvHizG+ocj2TeoHU8F8hVpPmSYtqk4cQKHknTMex
OWvjbEj5z3wpj1TYBAZvsb4H4c47voXdNqno+8k=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoMHncmBKh4g8oXh93DC
HlFs8zlBsW9vw9tkH/29NAQPQhLPCweQR2x72ygcHjaeaKkpFeOHyFogTQ1+d+xu
nFNUSxZ/7Px4flCdHUpmWKyS1VzVsUq1+PQPaNZxqkKOmS52KWXGYr8J2a/QU5j+
6xhPcXBqZkqjDT21fCRvkKP6U9hKNzjIr6529JgRGzqRb5MBzbWPlF3Ljh/+yT6b
uG25ffXzr6gxHUJUHFdsYYlI9NXXzuH/xCDFRDihp44ApkdBYdenaoinK7xVpAL7
0MDLwoYYdhSTT/qO4LiVE6QGtpOA/FeOQkeMlw5qIwka6LGwXDqyfAZU0k+l3EQY
+wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 188018444509877145375151869462085774440
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wilmington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority 5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '45481'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nordrhein-Westfalen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Muelheim an der Ruhr'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mintarder Strasse 36-40'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ALDI International Services GmbH & Co. oHG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'International Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ameportal.aldi-sued.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22535031462535229701958237800807225563842358210708872033354031453454014955150913230048223292089606473880367836856211332868490133666670209930744999811278741222874327904188704128913924902838416401228840957659131462866051063567002935222498734473126107873559657740115462144913663604289000028550719840366730727965869122078997068372952026413005644084342955576873647541875436636007245833092539238035797941120343248572472147857754741614674169316516909426397022702725374067166067333917835315632414242708339160643093620395521266439786853759014374582861298622044378736471321107701255945096136141209591273728625118832006529292539
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f2bb55eefc8fcfd03f14681a957e790eab1730f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							fa78c5a97bb3a2b2fe3345dff70ea451a0ae2d9e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ameportal.aldi-sued.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ameportal.aldi-sued.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000163deae55f80000040300473045022043b2dc818501598df9d1b732b675f7c7170f06e548ef6dc88dc417d2eb0d4997022100fd96c0f94c1507deac9d0b35c0afa22f1e750c8621c516fd07569de97547b7e60076005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000163deae56340000040300473045022100996791b92787489ed91948a8dd1f8379f2f73b9d0eca25c1a41a853da7467f3302200d4185c06cfeb3ecca23ef664884833bc284feb512c9627e00916bc0094c92a50076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000163deae56640000040300473045022100814d2bac9e6858f648f2b66943473fd0f99bb7d85bde4bda8903e6b8d7247d09022072aa42a0be214da1c2dc2c1b34e4402de53e927c0200e70895bf8a17f4d1ecc9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008937f9292101169732950e6c863c7bf5fad314ee95844bf6363f967e47c9ba7c87048eb0afa4591dbbced01774141cb23fb3a3a280136d2d4d21e2d076f2f9d574ff7ce5ff2cef0270c0b8673c11c9d8143153d14debf13baef92eed03c8e9a096679061783464dbfa839809f73f413239113d0a6e0c5599f6d54e5a6dbbbd59df2a2343355b5c016f993bf3d1a3c1a267cfdf17359a3101cada45c4a3365b0131f11ac1b3594e49d5484a8c19375fffa3048eb7a6ab41658b48e1c2b462812589f102aff80af1e2cc6fa8723d937a81d4f05f215693e6498b6a9387102879274cc7b1396be36c48f9cf7c298f54d804066fb1be07e1ce3bbe85dd36a9e8fbc9