OV SSL/TLS Certificate for *.bibliothek.uni-kassel.de Issued to Universitaet Kassel

Certificate is witin its validity period

Issued by Hellenic Academic and Research Institutions CA (GEANT TLS RSA 1)

About the *.bibliothek.uni-kassel.de OV SSL/TLS Certificate

This certificate with serial number 25:c2:c4:0e:d7:89:02:a5:7b:36:75:0a:11:f3:c0:9a for *.bibliothek.uni-kassel.de was issued on by Hellenic Academic and Research Institutions CA.

With 4 subject alternative names, this certificate can be used to secure multiple FQDNs. This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for *.bibliothek.uni-kassel.de provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Hellenic Academic and Research Institutions CA

Organization: Hellenic Academic and Research Institutions CA
Country: GR

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 25:c2:c4:0e:d7:89:02:a5:7b:36:75:0a:11:f3:c0:9a
Serial Number (int): 50192717962779147230680141764756750490
Serial Number Length: 126 bits, 16 octets

Subject Key Identifier: 3e:09:1f:fa:ac:1a:39:df:d3:f4:fc:d0:e7:14:19:90:3b:84:f4:87
Authority Key Identifier: 86:01:72:3f:8c:a9:70:e2:31:06:53:16:ce:01:5f:5b:79:c8:3c:3b

Fingerprint (SHA-1): ee:ab:be:a1:32:93:2c:20:b2:e2:d9:02:a8:6e:63:79:9e:42:40:89
Fingerprint (SHA-256): c4:61:6a:50:35:55:b2:06:69:a8:df:06:2a:11:79:ec:7c:c8:69:ea:fc:9e:b7:24:66:9b:57:01:8f:c1:9b:57

Issuing Certificate URL: http://crt.harica.gr/HARICA-GEANT-TLS-R1.cer

Revocation Information

OCSP Server: http://ocsp-tls.harica.gr
CRL Distribution Point: http://crl.harica.gr/HARICA-GEANT-TLS-R1.crl

Check the revocation status for certificate *.bibliothek.uni-kassel.de
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.bibliothek.uni-kassel.de

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.bibliothek.uni-kassel.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIICDCCBnCgAwIBAgIQJcLEDteJAqV7NnUKEfPAmjANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEYMBYGA1UEAwwPR0VBTlQgVExTIFJTQSAx
MB4XDTI1MDUwNTA5MzgwMloXDTI2MDUwNTA5MzgwMlowYTELMAkGA1UEBhMCREUx
DzANBgNVBAgMBkhlc3NlbjEcMBoGA1UECgwTVW5pdmVyc2l0YWV0IEthc3NlbDEj
MCEGA1UEAwwaKi5iaWJsaW90aGVrLnVuaS1rYXNzZWwuZGUwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQD4s85s9gBt4ifJGckgBlMUHKrhVqHVpdUVHWZF
JCZh37LXH6Xxsc/JsH+IxRYTe12jj7betdB6x/JkGF3zgzem/NBCqduXzj/qLmfm
RkvShzLnPLbS9PnefnvP0yxNIzv3s5sThNA6aC5ZY10YWHetPeRPbKi1nTM9B2Iy
x2TdbLICeFbSRtEUnnPwjQuupqB8EyIbyuq1thOkBhz4C30K4hwK4/rXHJduduuu
x4dsxcNgmdmzFd5UvRJNoX9VBkEaIFq5M6gOsYqaMzCA/Nga72F45A1Zm24zDPBB
uxVLz9DhwxW1z+3nLHNISIl+ZIoCA3YSjh10W1ISGKOobJFg2/WuebN0tKl0gipC
7vRYQWXv1N1eqSOIooMl1YNLxqVRetuVg1Ovi3maSuxgubD8FGaA7glyby5Y4rij
3BW+rvsUYtd0iZ2p172wYKGp8rU9kB8IeDXlXUSDInEGiUGlrkh0Fn6+8HRFAqVy
/hqUX2xfIrnIJk/y+0k+s4JCD5SQgxKi8urdnRml+r1h3nHInf7r95Exui3JjHaI
hTPMBuUWDCYxC6E8fOzYfqaa+zDDBkIF9SWtpniQF1J0opW9Fvn+CD7OPfBNdLnu
XwTbRyADWauY15+6zBXIFKpOqzJYlGB9Pj+bWhvoA2U/lgOMLgwxQ8lE56rZzEuR
BtO1NwIDAQABo4IDOzCCAzcwHwYDVR0jBBgwFoAUhgFyP4ypcOIxBlMWzgFfW3nI
PDswbwYIKwYBBQUHAQEEYzBhMDgGCCsGAQUFBzAChixodHRwOi8vY3J0Lmhhcmlj
YS5nci9IQVJJQ0EtR0VBTlQtVExTLVIxLmNlcjAlBggrBgEFBQcwAYYZaHR0cDov
L29jc3AtdGxzLmhhcmljYS5ncjBlBgNVHREEXjBcghoqLmJpYmxpb3RoZWsudW5p
LWthc3NlbC5kZYIYYmlibGlvdGhlay51bmkta2Fzc2VsLmRlghIqLnViLnVuaS1r
YXNzZWwuZGWCEHViLnVuaS1rYXNzZWwuZGUwLQYDVR0gBCYwJDAIBgZngQwBAgIw
CAYGBACPegEHMA4GDCsGAQQBgc8RAQEBAjAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
KwYBBQUHAwEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5oYXJpY2EuZ3Iv
SEFSSUNBLUdFQU5ULVRMUy1SMS5jcmwwHQYDVR0OBBYEFD4JH/qsGjnf0/T80OcU
GZA7hPSHMA4GA1UdDwEB/wQEAwIFoDCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo
AHUADleUvPOuqT4zGyyZB7P3kN+bwj1xMiXdIaklrGHFTiEAAAGWn9hvlAAABAMA
RjBEAiB+vbogIO8aI1z4v6l/MHC7nIURaJe52OHoaAgQI3QrAQIgTi/COJWnr+GX
yKj/mhiKy99sianyDqDH6SEx0oVNNNcAdwDLOPcViXyEoURfW8Hd+8lu8ppZzUcK
aQWFsMsUwxRY5wAAAZaf2HBuAAAEAwBIMEYCIQClu3R6H0YrunqZW+hoP/5ge5hL
2EMVJqjYG6AStT9r+QIhAOHo/Efj1yOqGOMSFJwrciX2N9CcqAeHviUhtVmQPwP7
AHYAlpdkv1VYl633Q4doNwhCd+nwOtX2pPM2bkakPw/KqcYAAAGWn9hvEwAABAMA
RzBFAiEAyPaNOvcDvj2hNrMGCUbx3FISaNfh3MVatD3VePeMGi4CIGRCUOQDUh8i
1wcZaCGu4YDZ5NnJrnZ+N3RO8mw9X8f1MA0GCSqGSIb3DQEBCwUAA4IBgQA+XAhX
15ibFtIYQUJeF7qb+wSaCxPWchkErLj2KlwsjVWKfYAEMYUcdZ35TuYl3YlJOePH
mMEMl3qzUNVN1GfuyJMgzL7dE6gbVeHQCKUGartKqsseMF49qkHKSMg6Tx0IjqYa
x/H9/MJuiaEFIeJYxHXOkUTWVrqOLG7NTaMNzqNZzR7COwPhWtUnS5Z+zytMADAY
8yjzBWgw3nhLdxa3lzgzV6OsQz7wrM3a8f6yMmZ4Sy+nu4iWZ2UArh2rNJy7iha6
wQlr49vkxdsK/TPnPsXVOBv0xQq63fH/+rhKoozYEqXvZNxH/EQf0+ldTGptPpzZ
HNXWQlYB6yHEsYvI1ManhiJ7ioFZ3R5XPFcaB5uaQxtmxfx9bMEa6E1Lkmo/jES0
FCEnV9BEav2vEmtomPoGkC9doFkwN4n2xgYuAhff8F+6z8WoNUOOuIYltRUgnWrq
+VH2FOE5t6bEzFkp02ItWDHA8llOrf8sUXiryK+eyRlvei83v3bj2353Gvs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA+LPObPYAbeInyRnJIAZT
FByq4Vah1aXVFR1mRSQmYd+y1x+l8bHPybB/iMUWE3tdo4+23rXQesfyZBhd84M3
pvzQQqnbl84/6i5n5kZL0ocy5zy20vT53n57z9MsTSM797ObE4TQOmguWWNdGFh3
rT3kT2yotZ0zPQdiMsdk3WyyAnhW0kbRFJ5z8I0LrqagfBMiG8rqtbYTpAYc+At9
CuIcCuP61xyXbnbrrseHbMXDYJnZsxXeVL0STaF/VQZBGiBauTOoDrGKmjMwgPzY
Gu9heOQNWZtuMwzwQbsVS8/Q4cMVtc/t5yxzSEiJfmSKAgN2Eo4ddFtSEhijqGyR
YNv1rnmzdLSpdIIqQu70WEFl79TdXqkjiKKDJdWDS8alUXrblYNTr4t5mkrsYLmw
/BRmgO4Jcm8uWOK4o9wVvq77FGLXdImdqde9sGChqfK1PZAfCHg15V1EgyJxBolB
pa5IdBZ+vvB0RQKlcv4alF9sXyK5yCZP8vtJPrOCQg+UkIMSovLq3Z0Zpfq9Yd5x
yJ3+6/eRMbotyYx2iIUzzAblFgwmMQuhPHzs2H6mmvswwwZCBfUlraZ4kBdSdKKV
vRb5/gg+zj3wTXS57l8E20cgA1mrmNefuswVyBSqTqsyWJRgfT4/m1ob6ANlP5YD
jC4MMUPJROeq2cxLkQbTtTcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 50192717962779147230680141764756750490
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Hellenic Academic and Research Institutions CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GEANT TLS RSA 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-05 09:38:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-05-05 09:38:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Hessen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Universitaet Kassel'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.bibliothek.uni-kassel.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1014617142578472041596945550960661851475022573028785350931100259776384447522665479254191797569079985394906064449240473844326680468774237729503924919077559446350033394770956034826505244661774296749767654421404967056049288511179177503876077221455284975883657867172047041548451823131904285332957089089549253358231213253623837544642695975803478598641998452179925322672161502297207201419464120653608331962162578164462082452682544964193238523760626300056261309300466881506030527562569164942808216265317739807169940627705451255011369969742513561758750900464139775716892342944862132737760907128474153328868365606690887777630648804723526168635325132360392106320903324199926929089022732003394380002860340986632855194654105970920792026524319843237957550109747292493819433127146277035156085559048754236595729064811372840982716897540203103171092921040541865022849442295076173410970938048556237226233426729702415790895650392068935245032816370807449997868805995501252920059496355712496808701085896852049657509013190153154397595044148240849634190371123101054739933402286309605978284639769456628738891074069804799739488299213991000443780533815151289467665505073850069680884406975447068874460203243550511668642826111372257782988911975821897495844468023
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8601723f8ca970e231065316ce015f5b79c83c3b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.harica.gr/HARICA-GEANT-TLS-R1.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp-tls.harica.gr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bibliothek.uni-kassel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bibliothek.uni-kassel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ub.uni-kassel.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ub.uni-kassel.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.26513.1.1.1.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.harica.gr/HARICA-GEANT-TLS-R1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3e091ffaac1a39dfd3f4fcd0e71419903b84f487
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680075000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e21000001969fd86f94000004030046304402207ebdba2020ef1a235cf8bfa97f3070bb9c85116897b9d8e1e868081023742b0102204e2fc23895a7afe197c8a8ff9a188acbdf6c89a9f20ea0c7e92131d2854d34d7007700cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e7000001969fd8706e0000040300483046022100a5bb747a1f462bba7a995be8683ffe607b984bd8431526a8d81ba012b53f6bf9022100e1e8fc47e3d723aa18e312149c2b7225f637d09ca80787be2521b559903f03fb007600969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c6000001969fd86f130000040300473045022100c8f68d3af703be3da136b3060946f1dc521268d7e1dcc55ab43dd578f78c1a2e0220644250e403521f22d707196821aee180d9e4d9c9ae767e37744ef26c3d5fc7f5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		003e5c0857d7989b16d21841425e17ba9bfb049a0b13d6721904acb8f62a5c2c8d558a7d800431851c759df94ee625dd894939e3c798c10c977ab350d54dd467eec89320ccbedd13a81b55e1d008a5066abb4aaacb1e305e3daa41ca48c83a4f1d088ea61ac7f1fdfcc26e89a10521e258c475ce9144d656ba8e2c6ecd4da30dcea359cd1ec23b03e15ad5274b967ecf2b4c003018f328f3056830de784b7716b797383357a3ac433ef0accddaf1feb23266784b2fa7bb8896676500ae1dab349cbb8a16bac1096be3dbe4c5db0afd33e73ec5d5381bf4c50abaddf1fffab84aa28cd812a5ef64dc47fc441fd3e95d4c6a6d3e9cd91cd5d6425601eb21c4b18bc8d4c6a786227b8a8159dd1e573c571a079b9a431b66c5fc7d6cc11ae84d4b926a3f8c44b414212757d0446afdaf126b6898fa06902f5da059303789f6c6062e0217dff05fbacfc5a835438eb88625b515209d6aeaf951f614e139b7a6c4cc5929d3622d5831c0f2594eadff2c5178abc8af9ec9196f7a2f37bf76e3db7e771afb