assets.itec.rwth-aachen.de

- RWTH Aachen -

Issued by DFN-Verein Global Issuing CA

About this certificate

This digital certificate with serial number 25:cd:7b:30:c7:c2:49:dd:4f:93:08:16 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

RWTH Aachen

Organization: RWTH Aachen
Organization unit: Lehrstuhl fuer Technik und Individuum
State / Province: Nordrhein-Westfalen
Locality: Aachen
Country: DE

Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.

Organization: Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Country: DE

This certificate has expire since

Certificate Details

Serial Number (hex): 25:cd:7b:30:c7:c2:49:dd:4f:93:08:16
Serial Number (int): 11699356907326023601952589846
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: a9:94:ed:af:8d:db:a8:12:a0:f6:32:3b:1d:b4:00:0e:2e:f0:07:15
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74

Fingerprint (sha1): e4:0d:d2:67:c7:9d:92:f1:29:c1:ce:fd:4b:b7:88:1c:bb:59:6d:36
Fingerprint (sha256): be:bc:d3:41:2a:46:49:d7:3a:cf:e5:15:98:10:86:92:cf:c5:8b:26:9d:32:4a:d2:d1:fc:80:eb:bc:bd:82:71

Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt

Revocation information

OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl

Check the revocation status for certificate assets.itec.rwth-aachen.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for assets.itec.rwth-aachen.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

assets.itec.rwth-aachen.de

Other certificates including the domain name rwth-aachen.de

(limited to 100 certificates)
frp.landeco.rwth-aachen.de
vpn.imr.rwth-aachen.de
red.isea.rwth-aachen.de
git.isea.rwth-aachen.de
raum.arch.rwth-aachen.de
asterix.isf.rwth-aachen.de
ds10.isf.rwth-aachen.de
studibv.cms.rwth-aachen.de
zk-itc.key.rwth-aachen.de
sapportal.zhv.rwth-aachen.de
mail.dorf.rwth-aachen.de
www.rwth-aachen.de
msg-medizin.klinikum.rwth-aachen.de
itv.rwth-aachen.de
studiolo.arch.rwth-aachen.de
kaffeekasse.embedded.rwth-aachen.de
mark.tvk.rwth-aachen.de
sbc-2-extdfn.pbx.rwth-aachen.de
metafa.fsmpi.rwth-aachen.de
www.shop.rwth-aachen.de
www.rwth-aachen.de
bl.lfi.rwth-aachen.de
www.hitnet.rwth-aachen.de
admin-test.streaming.rwth-aachen.de
gigamove.rwth-aachen.de
wahlomat.stud.rwth-aachen.de
msg-medizin.klinikum.rwth-aachen.de
messenger.ima.rwth-aachen.de
cloud.halifax.rwth-aachen.de
bas47.itc.rwth-aachen.de
web-std4.itc.rwth-aachen.de
fghw-community.lfi.rwth-aachen.de
www.hitnet.rwth-aachen.de
alu.w2k.metallurgie.rwth-aachen.de
bolm.oc.rwth-aachen.de
bolm.oc.rwth-aachen.de
exam.kbsg.rwth-aachen.de
vpn.meditec.rwth-aachen.de
www.hitnet.rwth-aachen.de
fs22.hpc.itc.rwth-aachen.de
anyvpn.embedded.rwth-aachen.de
vpn2.noc.rwth-aachen.de
ifaic.ika.rwth-aachen.de
lbd.arch.rwth-aachen.de
switch-altbau-og1.isf.rwth-aachen.de
htg.ifht.rwth-aachen.de
igcs-chennai.org
files.lfi.rwth-aachen.de
www.hitnet.rwth-aachen.de
formular-ts.zhv.rwth-aachen.de
wzl-lotus2.wzl.rwth-aachen.de
mail.rwth-aachen.de
ex10-casht01.zhv.rwth-aachen.de
helfer.halifax.rwth-aachen.de
www.water.rwth-aachen.de
fachschaften.rwth-aachen.de
test.sabio.itc.rwth-aachen.de
cucm-sub-22.pbx.rwth-aachen.de
mail.ind.rwth-aachen.de
www.ideal.rwth-aachen.de
vpn.lbz.rwth-aachen.de
www-i2.informatik.rwth-aachen.de
oauth.campus.rwth-aachen.de
vmhost-esxi-smq2-idrac.e3d.rwth-aachen.de
www.fskowi.rwth-aachen.de
www.lfb.rwth-aachen.de
d-mo05.devlef.campus.rwth-aachen.de
noc96.rz.rwth-aachen.de
autodiscover.ad.ibac.rwth-aachen.de
cloud10.dbis.rwth-aachen.de
my.ram.rwth-aachen.de
www.hitnet.rwth-aachen.de
vpn.e3d.rwth-aachen.de
nc19.itv.rwth-aachen.de
otrs.ias.rwth-aachen.de
institut2a.physik.rwth-aachen.de
mail-out-4.itc.rwth-aachen.de
quic.comsys.rwth-aachen.de
reifen-db.ika.rwth-aachen.de
vispa.physik.rwth-aachen.de
malta.informatik.rwth-aachen.de
ansible.automata.rwth-aachen.de
vpn.iwm.rwth-aachen.de
www.rwth-aachen.de
vpn.lbz.rwth-aachen.de
dev.iww.rwth-aachen.de
auger.physik.rwth-aachen.de
vreiff3.arch.rwth-aachen.de
belegi.halifax.rwth-aachen.de
www.embedded.rwth-aachen.de
www.compecon.rwth-aachen.de
calculus.itmc.rwth-aachen.de
vmhost-esxi-bf2-idrac.e3d.rwth-aachen.de
seko-rocket.itc.rwth-aachen.de
mail.rwth-aachen.de
transaction.medien.rwth-aachen.de
boreas.klinikum.rwth-aachen.de
vorreiter.iaw.rwth-aachen.de
backend.i11freunde.rwth-aachen.de
www.rwth-aachen.de

Certificate

The complete raw certificate details for assets.itec.rwth-aachen.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIMJc17MMfCSd1PkwgWMA0GCSqGSIb3DQEBCwUAMIGNMQsw
CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t
UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIx
MTIwNjEyMTAxMFoXDTIzMDEwNjEyMTAxMFowgacxCzAJBgNVBAYTAkRFMRwwGgYD
VQQIDBNOb3JkcmhlaW4tV2VzdGZhbGVuMQ8wDQYDVQQHDAZBYWNoZW4xFDASBgNV
BAoMC1JXVEggQWFjaGVuMS4wLAYDVQQLDCVMZWhyc3R1aGwgZnVlciBUZWNobmlr
IHVuZCBJbmRpdmlkdXVtMSMwIQYDVQQDDBphc3NldHMuaXRlYy5yd3RoLWFhY2hl
bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO9VKpcLdg2/k53l
Ax79c0cCl7vN2yR9wHBySHjXSHYNfS6NtTa+YSJVX2FeXdpmILtIr35oIaocoMdo
vyGtmUdw6IuxQJyuVoDBMFAKZLOP81UGRJMkhdn3PFNPolhVrDuw5TMFa3lAFqnf
hfU+8VhsFfp8Y5dL2LuW6qhKNvC2goP6n4KCcS2P6kZ9NHfdjDpgVTgLY8orrUM1
wXKOr6oveDdwkQGI7HH8VIxGmj4n8mtHXcrXvc2kfDLlIUTGNMBkVr7u3uK91v6M
KQPOp9iJftJZ1hCX2P1F38beBEajcXVTdmV2dx3NttTkXc66V5s3/2yRLlXYWWLR
WhSpX4kCAwEAAaOCAncwggJzMFcGA1UdIARQME4wCAYGZ4EMAQICMA0GCysGAQQB
ga0hgiweMA8GDSsGAQQBga0hgiwBAQQwEAYOKwYBBAGBrSGCLAEBBAowEAYOKwYB
BAGBrSGCLAIBBAowCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww
CgYIKwYBBQUHAwEwHQYDVR0OBBYEFKmU7a+N26gSoPYyOx20AA4u8AcVMB8GA1Ud
IwQYMBaAFGs6mIv58lOJ2uCtsjIeCR/oqjt0MCUGA1UdEQQeMByCGmFzc2V0cy5p
dGVjLnJ3dGgtYWFjaGVuLmRlMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9j
ZHAxLnBjYS5kZm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3JsL2NhY3JsLmNy
bDA/oD2gO4Y5aHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcy
L3B1Yi9jcmwvY2FjcmwuY3JsMIHbBggrBgEFBQcBAQSBzjCByzAzBggrBgEFBQcw
AYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZlci9PQ1NQMEkGCCsG
AQUFBzAChj1odHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIv
cHViL2NhY2VydC9jYWNlcnQuY3J0MEkGCCsGAQUFBzAChj1odHRwOi8vY2RwMi5w
Y2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NhY2VydC9jYWNlcnQuY3J0
MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCGpqLUl6mU
7lZAZQYqXUpXPRXrzf2l1/8yuLVDw68Xd3Ydss6Mq0SK7jd6miusGDrcHngLVjEk
Gavz23vePPCQ83tSlWp/iprQpE71Ri6uEr/dGtrVdrcJgkcZ8Ckd3pSWrCkB3zH3
bpx5I2bue3tDwBgxfC5sGpLLa/JSRqaTQ3burzLwyVvWATIoRxdqfP/g5XPCtswC
cao9EJAdPNWKc4xGdzjpyJMyhk4ZG3fpUv98BNbUGbN8wR78RP8Q4O6mSW+Kuhk8
9mKIoCJPURWFrHOVGcy2we8M3IsmuDz7d8GX4zWXsjtgNkKZd5G5Pyhh8dJ8iAky
NCfnr3B0wbYU
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71Uqlwt2Db+TneUDHv1z
RwKXu83bJH3AcHJIeNdIdg19Lo21Nr5hIlVfYV5d2mYgu0ivfmghqhygx2i/Ia2Z
R3Doi7FAnK5WgMEwUApks4/zVQZEkySF2fc8U0+iWFWsO7DlMwVreUAWqd+F9T7x
WGwV+nxjl0vYu5bqqEo28LaCg/qfgoJxLY/qRn00d92MOmBVOAtjyiutQzXBco6v
qi94N3CRAYjscfxUjEaaPifya0ddyte9zaR8MuUhRMY0wGRWvu7e4r3W/owpA86n
2Il+0lnWEJfY/UXfxt4ERqNxdVN2ZXZ3Hc221ORdzrpXmzf/bJEuVdhZYtFaFKlf
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11699356907326023601952589846
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-06 12:10:10 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-06 12:10:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Nordrhein-Westfalen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Aachen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'RWTH Aachen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Lehrstuhl fuer Technik und Individuum'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'assets.itec.rwth-aachen.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30212951987837445647657767320010474913575724791102044702934725127961428188949622690561642682199788555825391431896242013021018517142895569956976251428036313886019710527703248766651494244009304521515236220589135204101213625678401447896533419576746720626494572800723819212584826166878151259179508725865682869025347417716898458015038771839925823923270424298815531052340059377400868156187210103688081325173686027208232497099060785740850850760229222363769020828249003756616627783607705602595353942224168649821120658493562394362430810880760783362582746172509003320079384670459744377272587035567309462116954431731989821874057
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.10
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.10
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a994edaf8ddba812a0f6323b1db4000e2ef00715
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.itec.rwth-aachen.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0086a6a2d497a994ee564065062a5d4a573d15ebcdfda5d7ff32b8b543c3af1777761db2ce8cab448aee377a9a2bac183adc1e780b56312419abf3db7bde3cf090f37b52956a7f8a9ad0a44ef5462eae12bfdd1adad576b709824719f0291dde9496ac2901df31f76e9c792366ee7b7b43c018317c2e6c1a92cb6bf25246a6934376eeaf32f0c95bd601322847176a7cffe0e573c2b6cc0271aa3d10901d3cd58a738c467738e9c89332864e191b77e952ff7c04d6d419b37cc11efc44ff10e0eea6496f8aba193cf66288a0224f511585ac739519ccb6c1ef0cdc8b26b83cfb77c197e33597b23b603642997791b93f2861f1d27c8809323427e7af7074c1b614