idp.zu.de
- Zeppelin Universitaet gemeinnuetzige GmbH -
Issued by DFN-Verein Global Issuing CA
About this certificate
This digital certificate with serial number 27:83:34:ef:ef:6f:2e:1b:b5:ff:df:ee was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Zeppelin Universitaet gemeinnuetzige GmbH
Organization:
Zeppelin Universitaet gemeinnuetzige GmbH
State / Province:
Baden-Wuerttemberg
Locality: Friedrichshafen
Country: DE
Locality: Friedrichshafen
Country: DE
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization:
Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Organization unit: DFN-PKI
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 27:83:34:ef:ef:6f:2e:1b:b5:ff:df:eeSerial Number (int): 12228534654483976334319017966
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: ee:a5:47:52:b9:f6:9e:06:99:a7:8a:63:23:93:7a:a3:ae:b4:40:38
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74
Fingerprint (sha1): 9b:1c:7c:66:14:01:9f:97:ab:6a:b0:6a:83:c0:df:92:da:f9:a2:fa
Fingerprint (sha256): d0:79:fd:a8:1f:1b:90:e3:bf:aa:38:51:5c:03:2f:2b:9e:17:bb:7e:4e:d5:84:25:09:8c:d3:4b:8b:70:a1:e5
Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Revocation information
OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSPCRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
Check the revocation status for certificate idp.zu.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for idp.zu.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
idp.zu.de
Other certificates including the domain name zu.de
(limited to 100 certificates)
repro.zu.de
opus4.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
connect.zu.de
ts.zu.de
radsec.zu.de
ezproxy.zu.de
learning.zu.de
helpdesk.zu.de
repos.bsz-bw.de
email.zu.de
email.zu.de
www.zu.de
dms.zu.de
zucoyo.zu.de
cms.zu.de
cms.zu.de
cms.zu.de
repos.bsz-bw.de
app.zu.de
email.zu.de
email.zu.de
email.zu.de
navweb.zu.de
repos.bsz-bw.de
email.zu.de
cards.jonathanmuth.com
svp.zu.de
*.pbx.zu.de
radsec.zu.de
helpdesk.zu.de
guestportal.zu.de
mediathek.zu.de
guestlogin.zu.de
guestportal.zu.de
coyo.zu.de
zu.de
planspiel.zu.de
cms.zu.de
zu.de
repos.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
zu.de
repro.zu.de
cms.zu.de
repos.bsz-bw.de
m.zu.de
repos.bsz-bw.de
cms.zu.de
systemone.zu.de
opus4.bsz-bw.de
guestportal.zu.de
learning.zu.de
email.zu.de
email.zu.de
zu.de
opus4.bsz-bw.de
finreporting.zu.de
helpdesk.zu.de
learning.zu.de
WEBMAIL.ZU.DE
cms.zu.de
guestportal.zu.de
opus4.bsz-bw.de
systemone.zu.de
adfs.zu.de
cms.zu.de
idp.zu.de
radsec.zu.de
zu.de
zuqpilot.zu.de
www.zu.de
reporting.zu.de
dms.zu.de
connect.zu.de
cntest.zu.de
repos.bsz-bw.de
m.zu.de
opus4.bsz-bw.de
zuqpilot.zu.de
learning.zu.de
repos.bsz-bw.de
dms.zu.de
opus4.bsz-bw.de
systemone.zu.de
m.zu.de
rdweb.zu.de
mediathek.zu.de
radsec.zu.de
www.zu.de
idp.zu.de
zu.de
systemone.zu.de
www.zu.de
opus4.bsz-bw.de
adfs.zu.de
*.pbx.zu.de
ts.zu.de
opus4.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
connect.zu.de
ts.zu.de
radsec.zu.de
ezproxy.zu.de
learning.zu.de
helpdesk.zu.de
repos.bsz-bw.de
email.zu.de
email.zu.de
www.zu.de
dms.zu.de
zucoyo.zu.de
cms.zu.de
cms.zu.de
cms.zu.de
repos.bsz-bw.de
app.zu.de
email.zu.de
email.zu.de
email.zu.de
navweb.zu.de
repos.bsz-bw.de
email.zu.de
cards.jonathanmuth.com
svp.zu.de
*.pbx.zu.de
radsec.zu.de
helpdesk.zu.de
guestportal.zu.de
mediathek.zu.de
guestlogin.zu.de
guestportal.zu.de
coyo.zu.de
zu.de
planspiel.zu.de
cms.zu.de
zu.de
repos.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
zu.de
repro.zu.de
cms.zu.de
repos.bsz-bw.de
m.zu.de
repos.bsz-bw.de
cms.zu.de
systemone.zu.de
opus4.bsz-bw.de
guestportal.zu.de
learning.zu.de
email.zu.de
email.zu.de
zu.de
opus4.bsz-bw.de
finreporting.zu.de
helpdesk.zu.de
learning.zu.de
WEBMAIL.ZU.DE
cms.zu.de
guestportal.zu.de
opus4.bsz-bw.de
systemone.zu.de
adfs.zu.de
cms.zu.de
idp.zu.de
radsec.zu.de
zu.de
zuqpilot.zu.de
www.zu.de
reporting.zu.de
dms.zu.de
connect.zu.de
cntest.zu.de
repos.bsz-bw.de
m.zu.de
opus4.bsz-bw.de
zuqpilot.zu.de
learning.zu.de
repos.bsz-bw.de
dms.zu.de
opus4.bsz-bw.de
systemone.zu.de
m.zu.de
rdweb.zu.de
mediathek.zu.de
radsec.zu.de
www.zu.de
idp.zu.de
zu.de
systemone.zu.de
www.zu.de
opus4.bsz-bw.de
adfs.zu.de
*.pbx.zu.de
ts.zu.de
Certificate
The complete raw certificate details for idp.zu.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHEzCCBfugAwIBAgIMJ4M07+9vLhu1/9/uMA0GCSqGSIb3DQEBCwUAMIGNMQsw CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTIy MTEwMzEyNDMxNFoXDTIzMTIwNDEyNDMxNFowgYwxCzAJBgNVBAYTAkRFMRswGQYD VQQIDBJCYWRlbi1XdWVydHRlbWJlcmcxGDAWBgNVBAcMD0ZyaWVkcmljaHNoYWZl bjEyMDAGA1UECgwpWmVwcGVsaW4gVW5pdmVyc2l0YWV0IGdlbWVpbm51ZXR6aWdl IEdtYkgxEjAQBgNVBAMMCWlkcC56dS5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP ADCCAgoCggIBALhO9jIN8aBxCSEaFOuQ8Bs4zIFwdTG3FEIpknx+QJPZmCROhLML brqf+pxaTdaOY0Z5rvOWsvkUrINDyFcJ1eAosz4RuIdL8olrGVO3bzuh4bjOBS3F RTPOhWM4LWrMqBOCweaP41Xr41IZOA/ccTM4X1YKQwuuQ+blXLolXLcFaoCDMril GKNXHIuZ9+RqHXFliPD4aL/La1vt1pgbtjAgpD+r3P0BHcRwTRUP7NzpXu8rnTZF 5BeT4cbka+PXduud04mBkZsmLIlE0b++xk+jD4Xra/jTFBb0o9yeYZvmnRUrr5RZ EjZGR+RXt8U9sJWYtdfhvZksbpURqUr/xP7RjGtgxD3ggGjuBxSeKAlHUdQ27QWx J0X4LnxirAjmQxSWusagTknaLDTaiu416o89NOU5KhFgalzahZ9oFSj8VPMPjSzK QKRtlqX4K9/UhbHPN4cuxwM0RJ4jcHYw/4HCVZNWcch8Hpm83fUD9OeBGqvVvIID RW82VTfsoc46ho3E07gdDEZvgE676T+yPIDF0FIGiz5a/Q2VrA2BKtVx7higwCTu qJ++OKqCjbokOP7/8NlHSDfSyohGp4oiuTX2TvImVNhgogPva9dRLoTiltfcLcCa 9pwyIjjIQBp25TJGx+bHeKxJpVBl16+RXweI+5ZZqxrDwcZ4kr6bXIOPAgMBAAGj ggJwMIICbDBXBgNVHSAEUDBOMAgGBmeBDAECAjANBgsrBgEEAYGtIYIsHjAPBg0r BgEEAYGtIYIsAQEEMBAGDisGAQQBga0hgiwBAQQKMBAGDisGAQQBga0hgiwCAQQK MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDATAdBgNVHQ4EFgQU7qVHUrn2ngaZp4pjI5N6o660QDgwHwYDVR0j BBgwFoAUazqYi/nyU4na4K2yMh4JH+iqO3QwFAYDVR0RBA0wC4IJaWRwLnp1LmRl MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZGZu LWNhLWdsb2JhbC1nMi9wdWIvY3JsL2NhY3JsLmNybDA/oD2gO4Y5aHR0cDovL2Nk cDIucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jcmwvY2FjcmwuY3Js MIHbBggrBgEFBQcBAQSBzjCByzAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNh LmRmbi5kZS9PQ1NQLVNlcnZlci9PQ1NQMEkGCCsGAQUFBzAChj1odHRwOi8vY2Rw MS5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9iYWwtZzIvcHViL2NhY2VydC9jYWNlcnQu Y3J0MEkGCCsGAQUFBzAChj1odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi1jYS1n bG9iYWwtZzIvcHViL2NhY2VydC9jYWNlcnQuY3J0MBMGCisGAQQB1nkCBAMBAf8E AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCVOp+etvGCIPfLV5pegsBg/eP/tw+hKpOp lialS8lTiFjOa1Qzu5NatYjz6TnGa+GZMstvERUOd+CLxMXNeQnZXtB7zULqYf/8 bRxr5wLyvqvCxbTXeFFMrLOJhoLpGXetyAaDeQd4Rf/XeYkOUP5Cup26TR1WAX85 IyXnB3ZOv5mGVr4LCCJZ289xDh1i8DmZvJV4r5bu4PPNJwIX12CKzJKR0XlFnKgb WiMyLU2/e00bJoTJKUlOlw1yX7mS+oXYFGAEgWu3Ht4LCAjmLp567wmzecUkEISP BteBEgcZjKFhUejDRrhja/d5Nllv0kBALXROczh6gI+WyhEGjloP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuE72Mg3xoHEJIRoU65Dw GzjMgXB1MbcUQimSfH5Ak9mYJE6Eswtuup/6nFpN1o5jRnmu85ay+RSsg0PIVwnV 4CizPhG4h0vyiWsZU7dvO6HhuM4FLcVFM86FYzgtasyoE4LB5o/jVevjUhk4D9xx MzhfVgpDC65D5uVcuiVctwVqgIMyuKUYo1cci5n35GodcWWI8Phov8trW+3WmBu2 MCCkP6vc/QEdxHBNFQ/s3Ole7yudNkXkF5PhxuRr49d2653TiYGRmyYsiUTRv77G T6MPhetr+NMUFvSj3J5hm+adFSuvlFkSNkZH5Fe3xT2wlZi11+G9mSxulRGpSv/E /tGMa2DEPeCAaO4HFJ4oCUdR1DbtBbEnRfgufGKsCOZDFJa6xqBOSdosNNqK7jXq jz005TkqEWBqXNqFn2gVKPxU8w+NLMpApG2Wpfgr39SFsc83hy7HAzREniNwdjD/ gcJVk1ZxyHwembzd9QP054Eaq9W8ggNFbzZVN+yhzjqGjcTTuB0MRm+ATrvpP7I8 gMXQUgaLPlr9DZWsDYEq1XHuGKDAJO6on744qoKNuiQ4/v/w2UdIN9LKiEaniiK5 NfZO8iZU2GCiA+9r11EuhOKW19wtwJr2nDIiOMhAGnblMkbH5sd4rEmlUGXXr5Ff B4j7llmrGsPBxniSvptcg48CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12228534654483976334319017966 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-03 12:43:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 12:43:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Wuerttemberg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Friedrichshafen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zeppelin Universitaet gemeinnuetzige GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'idp.zu.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 751912850844567679826138200785282651146322173154587278567633225164574299378824465793374752286603095615337452402266151377533600842857038193462392956057631458887337587100347137405698219512138958483830062077690768896602044471151636176729232100483702557228967963442498382598293014803442409797657400655422955277407703304118145726143801519572347715844469909083950383567787580941432262571919919463202119396446408677383782468014587201225387872257594498257996935480372840354034610953284240737537735165564594448500685999535310549238851109495487654049369331386217828776202207540489322488241879362910128621458626166307075553582518051305218913935530004735629550857690224780536670713963797461053245390853098635525617458956479152024561287868371905715465164588292473249444258291387658150643524153196805830664151350657964079129581695068854000540097813379513928537824201693533551207748297525855112190947806848269327024678972390645405997517447404597645854183596372173653022601621075438646435811427634850063248608029520633982387903067189084573238134033169236277383825869540021880019163278325364653647942110934878500038421201287942652666309587546064670161112546323456233084021881766843937264328908878523029899001649576191063724350882609668776738112177039 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eea54752b9f69e0699a78a6323937aa3aeb44038 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.zu.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00953a9f9eb6f18220f7cb579a5e82c060fde3ffb70fa12a93a99626a54bc9538858ce6b5433bb935ab588f3e939c66be19932cb6f11150e77e08bc4c5cd7909d95ed07bcd42ea61fffc6d1c6be702f2beabc2c5b4d778514cacb3898682e91977adc8068379077845ffd779890e50fe42ba9dba4d1d56017f392325e707764ebf998656be0b082259dbcf710e1d62f03999bc9578af96eee0f3cd270217d7608acc9291d179459ca81b5a23322d4dbf7b4d1b2684c929494e970d725fb992fa85d8146004816bb71ede0b0808e62e9e7aef09b379c52410848f06d7811207198ca16151e8c346b8636bf77936596fd240402d744e73387a808f96ca11068e5a0f