idp.zu.de
- Zeppelin Universitaet gemeinnuetzige GmbH -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 1e:09:7e:1f:06:cd:d6:6f:1b:98:5a:1f was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Zeppelin Universitaet gemeinnuetzige GmbH
Organization:
Zeppelin Universitaet gemeinnuetzige GmbH
Organization unit: IT
Organization unit: IT
State / Province:
Baden-Wuerttemberg
Locality: Friedrichshafen
Country: DE
Locality: Friedrichshafen
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 1e:09:7e:1f:06:cd:d6:6f:1b:98:5a:1fSerial Number (int): 9296026217533075291754748447
Serial Number lenght: 93 bits, 12 octets
SubjectKeyId: 72:70:fe:fd:64:53:d8:80:b0:05:dc:84:ea:d4:83:2c:8c:ac:dc:ce
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): 35:cf:67:24:37:36:e7:36:3e:09:9b:9f:4d:bf:dd:b4:83:0d:d0:18
Fingerprint (sha256): 91:e6:67:8a:a9:ab:3e:22:64:cf:47:ce:0f:1e:9c:df:82:26:de:ec:5c:87:5f:8f:2a:aa:0b:5b:83:a1:fd:f6
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate idp.zu.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for idp.zu.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
idp.zu.de
Other certificates including the domain name zu.de
(limited to 100 certificates)
repro.zu.de
opus4.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
connect.zu.de
ts.zu.de
radsec.zu.de
ezproxy.zu.de
learning.zu.de
helpdesk.zu.de
repos.bsz-bw.de
email.zu.de
email.zu.de
www.zu.de
dms.zu.de
zucoyo.zu.de
cms.zu.de
cms.zu.de
cms.zu.de
repos.bsz-bw.de
app.zu.de
email.zu.de
email.zu.de
email.zu.de
navweb.zu.de
repos.bsz-bw.de
email.zu.de
cards.jonathanmuth.com
svp.zu.de
*.pbx.zu.de
radsec.zu.de
helpdesk.zu.de
guestportal.zu.de
mediathek.zu.de
guestlogin.zu.de
guestportal.zu.de
coyo.zu.de
zu.de
planspiel.zu.de
cms.zu.de
zu.de
repos.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
zu.de
repro.zu.de
cms.zu.de
repos.bsz-bw.de
m.zu.de
repos.bsz-bw.de
cms.zu.de
systemone.zu.de
opus4.bsz-bw.de
guestportal.zu.de
learning.zu.de
email.zu.de
email.zu.de
zu.de
opus4.bsz-bw.de
finreporting.zu.de
helpdesk.zu.de
learning.zu.de
WEBMAIL.ZU.DE
cms.zu.de
guestportal.zu.de
opus4.bsz-bw.de
systemone.zu.de
adfs.zu.de
cms.zu.de
idp.zu.de
radsec.zu.de
zu.de
zuqpilot.zu.de
www.zu.de
reporting.zu.de
dms.zu.de
connect.zu.de
cntest.zu.de
repos.bsz-bw.de
m.zu.de
opus4.bsz-bw.de
zuqpilot.zu.de
learning.zu.de
repos.bsz-bw.de
dms.zu.de
opus4.bsz-bw.de
systemone.zu.de
m.zu.de
rdweb.zu.de
mediathek.zu.de
radsec.zu.de
www.zu.de
idp.zu.de
zu.de
systemone.zu.de
www.zu.de
opus4.bsz-bw.de
adfs.zu.de
*.pbx.zu.de
ts.zu.de
opus4.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
connect.zu.de
ts.zu.de
radsec.zu.de
ezproxy.zu.de
learning.zu.de
helpdesk.zu.de
repos.bsz-bw.de
email.zu.de
email.zu.de
www.zu.de
dms.zu.de
zucoyo.zu.de
cms.zu.de
cms.zu.de
cms.zu.de
repos.bsz-bw.de
app.zu.de
email.zu.de
email.zu.de
email.zu.de
navweb.zu.de
repos.bsz-bw.de
email.zu.de
cards.jonathanmuth.com
svp.zu.de
*.pbx.zu.de
radsec.zu.de
helpdesk.zu.de
guestportal.zu.de
mediathek.zu.de
guestlogin.zu.de
guestportal.zu.de
coyo.zu.de
zu.de
planspiel.zu.de
cms.zu.de
zu.de
repos.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
zu.de
repro.zu.de
cms.zu.de
repos.bsz-bw.de
m.zu.de
repos.bsz-bw.de
cms.zu.de
systemone.zu.de
opus4.bsz-bw.de
guestportal.zu.de
learning.zu.de
email.zu.de
email.zu.de
zu.de
opus4.bsz-bw.de
finreporting.zu.de
helpdesk.zu.de
learning.zu.de
WEBMAIL.ZU.DE
cms.zu.de
guestportal.zu.de
opus4.bsz-bw.de
systemone.zu.de
adfs.zu.de
cms.zu.de
idp.zu.de
radsec.zu.de
zu.de
zuqpilot.zu.de
www.zu.de
reporting.zu.de
dms.zu.de
connect.zu.de
cntest.zu.de
repos.bsz-bw.de
m.zu.de
opus4.bsz-bw.de
zuqpilot.zu.de
learning.zu.de
repos.bsz-bw.de
dms.zu.de
opus4.bsz-bw.de
systemone.zu.de
m.zu.de
rdweb.zu.de
mediathek.zu.de
radsec.zu.de
www.zu.de
idp.zu.de
zu.de
systemone.zu.de
www.zu.de
opus4.bsz-bw.de
adfs.zu.de
*.pbx.zu.de
ts.zu.de
Certificate
The complete raw certificate details for idp.zu.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDTCCBPWgAwIBAgIMHgl+HwbN1m8bmFofMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTE3 MTAyMDEzNTYzMVoXDTIxMDExNjEzNTYzMVowgZkxCzAJBgNVBAYTAkRFMRswGQYD VQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxGDAWBgNVBAcMD0ZyaWVkcmljaHNoYWZl bjEyMDAGA1UECgwpWmVwcGVsaW4gVW5pdmVyc2l0YWV0IGdlbWVpbm51ZXR6aWdl IEdtYkgxCzAJBgNVBAsMAklUMRIwEAYDVQQDDAlpZHAuenUuZGUwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHuRbDsHHuE7XfbooeHSuP2HQnbJujW+ev yZI92E4iX3DqRsC1mNXrWpYzfSSCWWu/PcyWAQI+nDq3Sy89PDQo31Lj6Eyuw/Yt OX6dmDwNN+2Uu+JTLgNaOvrzahl5EuWdZeYTSfuC3jL4yRz9PmnHhEw1Pn87573K /SaP+0AnFlcIrlbj6DQkuYLD7LaqJcOecEh5LYo9TEUM9eLvNr9CAyZxvslEckG3 8w49g16FBGMQQXhjKHlMo1phyocLdKGG2gFmmM1UzM0sbsxOMr85rP/He3Al9zPw lObQ/U1kjTMbkgZ0Qc9dyyq8bmvuSJmXyPPHukkGqBVg1kJmqAnVAgMBAAGjggJd MIICWTBZBgNVHSAEUjBQMAgGBmeBDAECAjANBgsrBgEEAYGtIYIsHjAPBg0rBgEE AYGtIYIsAQEEMBEGDysGAQQBga0hgiwBAQQDBjARBg8rBgEEAYGtIYIsAgEEAwYw CQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG CCsGAQUFBwMBMB0GA1UdDgQWBBRycP79ZFPYgLAF3ITq1IMsjKzczjAfBgNVHSME GDAWgBRrOpiL+fJTidrgrbIyHgkf6Ko7dDAUBgNVHREEDTALgglpZHAuenUuZGUw gY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4t Y2EtZ2xvYmFsLWcyL3B1Yi9jcmwvY2FjcmwuY3JsMD+gPaA7hjlodHRwOi8vY2Rw Mi5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NybC9jYWNybC5jcmww gdsGCCsGAQUFBwEBBIHOMIHLMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2Eu ZGZuLmRlL09DU1AtU2VydmVyL09DU1AwSQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAx LnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5j cnQwSQYIKwYBBQUHMAKGPWh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNhLWds b2JhbC1nMi9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwDQYJKoZIhvcNAQELBQADggEB AHg8plAKSFqkBmbmEH+afuAiE5zFqT0RWfWjVYmGb1gVuAAzZPXv15zr0bTYyx/F Kky47GIx6aXnu65+bmkcj8dmEsrFW1ZAsdiIKUnbWthRfTJ+z7u2YxNy2mJ+EXGF b3El0BjTbiaFJYvbZxbkvV+r+lOmborXnhFTq4NUcHBii8N/Xyipz55BzVejO8TI lH/p53s1v2SQEKUb2JeRytFvzjyK0vfTq3nTpa8WqRplhcWpl30RW5dU0A9RB6LP hDSYrM606AY/gVqMOlVWx2MGK7OmEdHL38/a9E/AhDFTH6RgtbE8xMLSEvr4mcQp ZIH4vs2YzArTtgudg+4w5js= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7kWw7Bx7hO1326KHh0r j9h0J2ybo1vnr8mSPdhOIl9w6kbAtZjV61qWM30kgllrvz3MlgECPpw6t0svPTw0 KN9S4+hMrsP2LTl+nZg8DTftlLviUy4DWjr682oZeRLlnWXmE0n7gt4y+Mkc/T5p x4RMNT5/O+e9yv0mj/tAJxZXCK5W4+g0JLmCw+y2qiXDnnBIeS2KPUxFDPXi7za/ QgMmcb7JRHJBt/MOPYNehQRjEEF4Yyh5TKNaYcqHC3ShhtoBZpjNVMzNLG7MTjK/ Oaz/x3twJfcz8JTm0P1NZI0zG5IGdEHPXcsqvG5r7kiZl8jzx7pJBqgVYNZCZqgJ 1QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9296026217533075291754748447 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-20 13:56:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-16 13:56:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Wuerttemberg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Friedrichshafen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zeppelin Universitaet gemeinnuetzige GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'idp.zu.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17133441920293734768864145141758492581958773844312256466149110143793247687801142407779537285248235493377700338781403792807256053461515778791376925985445783254765361877122326330045481756921254412474704655263828795940938135593166429929344138428336467587041814090153261242323634723370058110956273957005645053034428821720257071124592491513630340654087029018388078718515798337865290025057401073254606828565386336989918863809092072452418880265495668341300148492597320375408309963450848874516928509709078577233487970053654465408200775519059872469315583227923106241241680644001137488539672296819741205032606204073962839214549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.3.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.3.6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7270fefd6453d880b005dc84ead4832c8cacdcce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.zu.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00783ca6500a485aa40666e6107f9a7ee022139cc5a93d1159f5a35589866f5815b8003364f5efd79cebd1b4d8cb1fc52a4cb8ec6231e9a5e7bbae7e6e691c8fc76612cac55b5640b1d8882949db5ad8517d327ecfbbb6631372da627e1171856f7125d018d36e2685258bdb6716e4bd5fabfa53a66e8ad79e1153ab83547070628bc37f5f28a9cf9e41cd57a33bc4c8947fe9e77b35bf649010a51bd89791cad16fce3c8ad2f7d3ab79d3a5af16a91a6585c5a9977d115b9754d00f5107a2cf843498acceb4e8063f815a8c3a5556c763062bb3a611d1cbdfcfdaf44fc08431531fa460b5b13cc4c2d212faf899c4296481f8becd98cc0ad3b60b9d83ee30e63b