iam.serviceportal.krzn.de

- Kommunales Rechenzentrum Niederrhein -

Issued by Telekom Security ServerID OV Class 2 CA

About this certificate

This digital certificate with serial number 15:69:ed:9f:92:2a:d4:ba:17:bd:81:3c:d1:78:60:71 was issued on by Deutsche Telekom Security GmbH.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Kommunales Rechenzentrum Niederrhein

Organization: Kommunales Rechenzentrum Niederrhein
State / Province: Nordrhein-Westfalen
Locality: Kamp-Lintfort
Country: DE

Deutsche Telekom Security GmbH

Organization: Deutsche Telekom Security GmbH
Country: DE

This certificate will expire on

Certificate Details

Serial Number (hex): 15:69:ed:9f:92:2a:d4:ba:17:bd:81:3c:d1:78:60:71
Serial Number (int): 28463798655219886338735429318098837617
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 02:28:33:15:13:45:0f:d9:d1:25:0c:a7:8d:8c:c8:d3:76:e5:32:35
AuthorityKeyId: 1c:05:93:b1:7f:a8:34:30:8c:52:e0:96:40:a0:72:a3:10:5d:e0:ff

Fingerprint (sha1): 11:af:84:1a:7b:86:e9:b7:55:b9:44:ed:dc:a4:2a:71:1c:88:07:5e
Fingerprint (sha256): ac:66:94:4d:a6:06:85:ba:83:70:a8:45:92:29:bc:13:7b:48:1e:53:9c:09:04:be:1d:35:91:c6:28:56:3a:c7

Issuing Certificate URL: http://crt.serverid.telesec.de/crt/Telekom_Security_ServerID_OV_Class_2_CA.crt

Revocation information

OCSP Server: http://ocsp.serverid.telesec.de/ocspr
CRL Distribution Point: http://crl.serverid.telesec.de/rl/Telekom_Security_ServerID_OV_Class_2_CA.crl

Check the revocation status for certificate iam.serviceportal.krzn.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for iam.serviceportal.krzn.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

iam.serviceportal.krzn.de
www.iam.serviceportal.krzn.de

Other certificates including the domain name krzn.de

(limited to 100 certificates)
krzn.de
m240web3.krzn.de
kita-online.krzn.de
kivi.krzn.de
kfzkle.krzn.de
extranet.krzn.de
kivi.krzn.de
verkehr-igv.krzn.de
kivi.krzn.de
vdi.krzn.de
kundenservice2.krzn.de
havis.krzn.de
gisdata.krzn.de
qualifizierung.krzn.de
video.krzn.de
wahl.krzn.de
kitatest.krzn.de
lernen.krzn.de
netzlernen.krzn.de
blog.egovernment.krzn.de
alkisservices.krzn.de
bauportal.krzn.de
kfzne.krzn.de
kfzbot.krzn.de
netzlernen.krzn.de
cag-vhsgeldern.krzn.de
verkehr-igv.krzn.de
mdm.krzn.de
kfzne.krzn.de
dmsvbs-suche.rz.krzn.de
krzn.de
apsb1p.nkf.krzn.de
services-lan.rz.krzn.de
m180epk01.krzn.de
netzlernen.krzn.de
kundenservice2.krzn.de
eauskunft.krzn.de
kivi.krzn.de
extranet.krzn.de
webmail-ng.krzn.de
qualifizierung.krzn.de
gisalkis.krzn.de
eauskunft.krzn.de
legasuiteweb.rz.krzn.de
formulare.krzn.de
m.krzn.de
wahlen.krzn.de
geoservices.krzn.de
webmail-ng.krzn.de
kfzvie.krzn.de
qualifizierung.krzn.de
kfzmg.krzn.de
bauportal.krzn.de
formulare.krzn.de
xta.krzn.de
egovernment.krzn.de
aps01p.nkf.krzn.de
rasterservices.krzn.de
blog.egovernment.krzn.de
qrapi.krzn.de
kfzkle.krzn.de
bbb066.krzn.de
m240web3.krzn.de
share-qs.krzn.de
kfzmg.krzn.de
verkehr-igv.krzn.de
egovernment.krzn.de
neu.im.krzn.de
cag-niederkruechten.krzn.de
passauskunft.krzn.de
kfzkr.krzn.de
ema-borken.rz.krzn.de
geoservices.krzn.de
webopac2.krzn.de
kfzob.krzn.de
kivi.krzn.de
traveler2.krzn.de
ema1.krzn.de
geoservices.krzn.de
netzlernen.krzn.de
share.krzn.de
blog.egovernment.krzn.de
eauskunft.krzn.de
bbb039.krzn.de
kundenservice.krzn.de
verkehr-igv.krzn.de
expe01.krzn.de
netzlernen.krzn.de
winowig-mobil.krzn.de
qrapi.krzn.de
kdvzopac.krzn.de
kivi.krzn.de
kfzne.krzn.de
apsb1p.nkf.krzn.de
webopac.krzn.de
qrapi.krzn.de
seminare.krzn.de
verkehr-igv.krzn.de
webopac.krzn.de
share.krzn.de

Certificate

The complete raw certificate details for iam.serviceportal.krzn.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHPTCCBaWgAwIBAgIQFWntn5Iq1LoXvYE80XhgcTANBgkqhkiG9w0BAQsFADBo
MQswCQYDVQQGEwJERTEnMCUGA1UECgweRGV1dHNjaGUgVGVsZWtvbSBTZWN1cml0
eSBHbWJIMTAwLgYDVQQDDCdUZWxla29tIFNlY3VyaXR5IFNlcnZlcklEIE9WIENs
YXNzIDIgQ0EwHhcNMjQwNjIwMDUyMDAxWhcNMjUwNjI0MjM1OTU5WjCBljELMAkG
A1UEBhMCREUxHDAaBgNVBAgTE05vcmRyaGVpbi1XZXN0ZmFsZW4xFjAUBgNVBAcT
DUthbXAtTGludGZvcnQxLTArBgNVBAoTJEtvbW11bmFsZXMgUmVjaGVuemVudHJ1
bSBOaWVkZXJyaGVpbjEiMCAGA1UEAxMZaWFtLnNlcnZpY2Vwb3J0YWwua3J6bi5k
ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAN8dfO0Y7aTCW/eNvoYp
hsWBI6F3Y3V2YIde+8u0Hj0JNk72+gZM2hHArQQo/AJdhGfzLWUwuSCzHYAAbHMs
UQtA4RogihdUiFNndTjwyBY2FqwaOnwTTpsGzTszn9bFIErYSB8YTNjHBAPP0NfN
kkfOddNFLXnoFkFdBUmVcYi0SPJ5bd/m9WjBRAStIqZGaTkHGUF/wAMRfXRIZ5s9
N9tw58r/XOhDrb/YkIwfV9iRY3EvO47iP0ZJD9OtmJfkEe68IyqK+JYnaPE0k9pH
h6fzyQyiiWglyNE85jtvesn7ThOdkx+vB4zVy7oUMn+fTayN/c5O1HUHgQmDkZ0T
Janeh6+OS04BSx9twCJKHGkebSAU7KTZP0n2L08tAZSBjuGgGTwQQLonDAxcI7CR
ZvicMMG5z7EbGDhbOqnVCVfn51Jg8GJixfrMHdaXMgcU7FB4yNZZBGjWl5wGaOUT
QW3HwkhcJwy+y8+6N5jV2/nHRyikkjfNnSPbdP12MS+ULpVFbcCuZFzv9Bc6K9A0
xz8aMoY4CgrTilV226/mcCerQWtZZNpUVfBguq6JyOMfygNWh7QSJErAfIgjnZ+b
ahyMTS2iZsOMN3pb/0dt/20hVrom8FWbjmcXsmTKnTLn2U3UJ7h6mzdwEacDCJCh
iF96Mx5FtRo4vSwwLXiAQQw/AgMBAAGjggIyMIICLjAfBgNVHSMEGDAWgBQcBZOx
f6g0MIxS4JZAoHKjEF3g/zAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBQCKDMVE0UP2dElDKeNjMjTduUyNTBT
BgNVHSAETDBKMEgGBmeBDAECAjA+MDwGCCsGAQUFBwIBFjBodHRwOi8vZG9jcy5z
ZXJ2ZXJpZC50ZWxlc2VjLmRlL2Nwcy9zZXJ2ZXJpZC5odG0wXgYDVR0fBFcwVTBT
oFGgT4ZNaHR0cDovL2NybC5zZXJ2ZXJpZC50ZWxlc2VjLmRlL3JsL1RlbGVrb21f
U2VjdXJpdHlfU2VydmVySURfT1ZfQ2xhc3NfMl9DQS5jcmwwgZ8GCCsGAQUFBwEB
BIGSMIGPMDEGCCsGAQUFBzABhiVodHRwOi8vb2NzcC5zZXJ2ZXJpZC50ZWxlc2Vj
LmRlL29jc3ByMFoGCCsGAQUFBzAChk5odHRwOi8vY3J0LnNlcnZlcmlkLnRlbGVz
ZWMuZGUvY3J0L1RlbGVrb21fU2VjdXJpdHlfU2VydmVySURfT1ZfQ2xhc3NfMl9D
QS5jcnQwDAYDVR0TAQH/BAIwADBDBgNVHREEPDA6ghlpYW0uc2VydmljZXBvcnRh
bC5rcnpuLmRlgh13d3cuaWFtLnNlcnZpY2Vwb3J0YWwua3J6bi5kZTATBgorBgEE
AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAYEAT6mlznoCjh9gOmz2HQ9W
RKjBFZBDXtXLmBFFofhX6RjKxKPyn+f7a0beGr24TIQ0k/dsSM2cIbNN20I6a9m3
VWtA061+9nDSNyAKg4/FV6wiYlLHORormRJhZgZJ9YfF3jtxoVrpWSVWMo8P/hCY
/3C8jghH7Ihe6AYGezimPK3zSkxVs3BmnCPILvFExkB1YbAGtfn1WCiRtEyfSa+n
HUWjCGeE9KlluVh+Yp17P+B3BAKbmAUoKpMqCJsCBeOlu0KKdIRjPaQ5QbLKKuw0
YVa8E1+SoMW+C/MPXNG/xu4MN8kUe2eDjBLrnu/41F9sW+K+Z4DYH7HVnKst7DJQ
3J/qPkN/w10cb7MO8Xbvb3bF/y6D/pnu50lb6IsdIm/PFRM71q49R52n5xg4Avcc
haHyca3YpOvklZx2OTy70PsPuoaCBmCfB2esp8CXuWaXSrj+IsRueP24QK95BUtu
tGH2SUIFfZlYvWwX5z4y2EjWgk/NVtmRTBubpBZHuv7Y
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3x187RjtpMJb942+himG
xYEjoXdjdXZgh177y7QePQk2Tvb6BkzaEcCtBCj8Al2EZ/MtZTC5ILMdgABscyxR
C0DhGiCKF1SIU2d1OPDIFjYWrBo6fBNOmwbNOzOf1sUgSthIHxhM2McEA8/Q182S
R85100UteegWQV0FSZVxiLRI8nlt3+b1aMFEBK0ipkZpOQcZQX/AAxF9dEhnmz03
23Dnyv9c6EOtv9iQjB9X2JFjcS87juI/RkkP062Yl+QR7rwjKor4lido8TST2keH
p/PJDKKJaCXI0TzmO296yftOE52TH68HjNXLuhQyf59NrI39zk7UdQeBCYORnRMl
qd6Hr45LTgFLH23AIkocaR5tIBTspNk/SfYvTy0BlIGO4aAZPBBAuicMDFwjsJFm
+JwwwbnPsRsYOFs6qdUJV+fnUmDwYmLF+swd1pcyBxTsUHjI1lkEaNaXnAZo5RNB
bcfCSFwnDL7Lz7o3mNXb+cdHKKSSN82dI9t0/XYxL5QulUVtwK5kXO/0Fzor0DTH
PxoyhjgKCtOKVXbbr+ZwJ6tBa1lk2lRV8GC6ronI4x/KA1aHtBIkSsB8iCOdn5tq
HIxNLaJmw4w3elv/R23/bSFWuibwVZuOZxeyZMqdMufZTdQnuHqbN3ARpwMIkKGI
X3ozHkW1Gji9LDAteIBBDD8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 28463798655219886338735429318098837617
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Deutsche Telekom Security GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telekom Security ServerID OV Class 2 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-20 05:20:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nordrhein-Westfalen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kamp-Lintfort'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kommunales Rechenzentrum Niederrhein'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iam.serviceportal.krzn.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 910230551055133790962904360100135258697298175677573949086722919954995926795350770478463787194619608009503220943834177873706012025257179201675878164908506798274115752966416435305618830758494120180576713002258063037281813027001358939680021628479263363355501201174024943237393596431844961818076879655900498006189450294320346912231106461623656473212349740684592702766174264036643532402922678154281280064261075166584725701121716637750330637615399386412652766865570311121672253198709356868394535810394423927707016544729793464942478242231599391037538382594406386651576824740017649254178776149937841069133158988266863457259723771175161839622425200898525737687858595470624981577964657607887862891440089368731278206593257362905796155156942890980569693352701266114015223061665255261210166516227896252121956722753144732895051333937097545801011756620732219991286453345610372886988527248213844990151603858795124381206979113559417854342821150060016550495690941599618027458756052169804774760170648400318344980097379593880582834951414652957750938586412115835148444393648528328849423451776278423624482955573315517764836975050509279569120763865302953837576760650211702561690507114283543053643892580894464162342781379877401622807265411323025267051531327
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1c0593b17fa834308c52e09640a072a3105de0ff
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0228331513450fd9d1250ca78d8cc8d376e53235
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (76 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://docs.serverid.telesec.de/cps/serverid.htm'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.serverid.telesec.de/rl/Telekom_Security_ServerID_OV_Class_2_CA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (146 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.serverid.telesec.de/ocspr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.serverid.telesec.de/crt/Telekom_Security_ServerID_OV_Class_2_CA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iam.serviceportal.krzn.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iam.serviceportal.krzn.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		004fa9a5ce7a028e1f603a6cf61d0f5644a8c11590435ed5cb981145a1f857e918cac4a3f29fe7fb6b46de1abdb84c843493f76c48cd9c21b34ddb423a6bd9b7556b40d3ad7ef670d237200a838fc557ac226252c7391a2b991261660649f587c5de3b71a15ae9592556328f0ffe1098ff70bc8e0847ec885ee806067b38a63cadf34a4c55b370669c23c82ef144c6407561b006b5f9f5582891b44c9f49afa71d45a3086784f4a965b9587e629d7b3fe07704029b9805282a932a089b0205e3a5bb428a7484633da43941b2ca2aec346156bc135f92a0c5be0bf30f5cd1bfc6ee0c37c9147b67838c12eb9eeff8d45f6c5be2be6780d81fb1d59cab2dec3250dc9fea3e437fc35d1c6fb30ef176ef6f76c5ff2e83fe99eee7495be88b1d226fcf15133bd6ae3d479da7e7183802f71c85a1f271add8a4ebe4959c76393cbbd0fb0fba868206609f0767aca7c097b966974ab8fe22c46e78fdb840af79054b6eb461f64942057d9958bd6c17e73e32d848d6824fcd56d9914c1b9ba41647bafed8