diginet-services.aot.tu-berlin.de

- Technische Universitaet Berlin -

Issued by DFN-Verein Global Issuing CA

About this certificate

This digital certificate with serial number 1f:5d:56:5d:6b:45:13:0b:ba:38:bb:d6 was issued on by Verein zur Foerderung eines Deutschen Forschungsnetzes e. V..

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Technische Universitaet Berlin

Organization: Technische Universitaet Berlin
Organization unit: DAI-Labor
State / Province: Berlin
Locality: Berlin
Country: DE

Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.

Organization: Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.
Organization unit: DFN-PKI
Country: DE

This certificate has expire since

Certificate Details

Serial Number (hex): 1f:5d:56:5d:6b:45:13:0b:ba:38:bb:d6
Serial Number (int): 9706873252480188564733737942
Serial Number lenght: 93 bits, 12 octets

SubjectKeyId: 48:b0:f7:b5:eb:1f:8b:bf:94:26:84:e3:59:3e:89:56:4c:36:4a:db
AuthorityKeyId: 6b:3a:98:8b:f9:f2:53:89:da:e0:ad:b2:32:1e:09:1f:e8:aa:3b:74

Fingerprint (sha1): 36:65:5a:5e:19:d5:31:47:57:7a:16:06:0d:71:d1:11:98:95:17:7a
Fingerprint (sha256): d0:d9:59:4c:ed:a6:51:73:aa:a1:5e:d7:26:e4:54:21:52:2e:5a:17:c5:9b:c8:3e:3c:10:10:a5:1a:49:25:6f

Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt

Revocation information

OCSP Server: http://ocsp.pca.dfn.de/OCSP-Server/OCSP
CRL Distribution Point: http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl

Check the revocation status for certificate diginet-services.aot.tu-berlin.de

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for diginet-services.aot.tu-berlin.de

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

diginet-services.aot.tu-berlin.de
diginet-services.dai-lab.de
diginet-services.dai-labor.de

Other certificates including the domain name tu-berlin.de

(limited to 100 certificates)
www.dcaiti.tu-berlin.de
f5-nebenblock6.tubit.tu-berlin.de
puma2.inet.tu-berlin.de
www3.tu-berlin.de
video.isis.tu-berlin.de
ubsrvapp01.ub.tu-berlin.de
alex.qu.tu-berlin.de
www.dai-labor.de
f5-nebenblock6.tubit.tu-berlin.de
webident.tubit.tu-berlin.de
www.tu-sport.de
inv.ak.tu-berlin.de
lsf.tubit.tu-berlin.de
uni-flensburg.shib-sp.tubcloud.tu-berlin.de
etherpad.innocampus.tu-berlin.de
www.depositonce.tu-berlin.de
rappsilberlab.org
f2-rd-driess.org.tu-berlin.de
adj.users.ak.tu-berlin.de
uimp-01.tu-berlin.de
ace-hauptblock2.tubit.TU-Berlin.DE
moodle.bzhl.tu-berlin.de
tubit-vbb-01.tubit.win.tu-berlin.de
proxy-tc-02.intern.tu-berlin.de
www.chem.tu-berlin.de
f2-rd-lenz.org.tu-berlin.de
clsw1.physik-pool.tu-berlin.de
srv-peri1.chem.tu-berlin.de
ace-hauptblock4.tubit.tu-berlin.de
serverkneissl.physik.tu-berlin.de
bree.physik.tu-berlin.de
autolab.service.tu-berlin.de
web.physik-pool.tu-berlin.de
ucm-test.tu-berlin.de
ace-nebenblock4.tubit.tu-berlin.de
nubes.bbaw.de
asta.tu-berlin.de
ace-hauptblock3.tubit.tu-berlin.de
ubsrvweb06.ub.tu-berlin.de
rappsilberlab.org
exchange.tu-berlin.de
www.concur2017.tu-berlin.de
view.tubit.tu-berlin.de
ace-nebenblock5.tubit.tu-berlin.de
clsw2.physik-pool.tu-berlin.de
ace-nebenblock5.tubit.tu-berlin.de
vserver1.grundbau.tu-berlin.de
dai-labor.de
ace-nebenblock3.tubit.tu-berlin.de
ace-nebenblock2.tubit.tu-berlin.de
ubsrvweb16.ub.tu-berlin.de
wiki.verkehrsplanung.tu-berlin.de
selfpass.ikm.tu-berlin.de
autolab.service.tu-berlin.de
leibniz-gemeinschaft.tubcloud.tu-berlin.de
intern.sec.t-labs.tu-berlin.de
student-survey.ak.tu-berlin.de
win-dc3.win.tu-berlin.de
ace-nebenblock4.tubit.tu-berlin.de
ace-hauptblock3.tubit.tu-berlin.de
guest41.innocampus.tu-berlin.de
files.snet.tu-berlin.de
gitlab.inet.tu-berlin.de
srv.zfge.tu-berlin.de
viewconserv03.uv.win.tu-berlin.de
shibboleth.innocampus.tu-berlin.de
eb104.tu-berlin.de
www.concur2017.tu-berlin.de
git.ikm.tu-berlin.de
pxe.physik-pool.tu-berlin.de
speedikon-web.svc.tu-berlin.de
pad.innocampus.tu-berlin.de
support.zecm.tu-berlin.de
ace-nebenblock5.tubit.tu-berlin.de
git.snet.tu-berlin.de
voip.zecm.tu-berlin.de
kurse.zems.tu-berlin.de
ubsrvweb12.ub.tu-berlin.de
ubsrvapp18.org.tu-berlin.de
www.events.tu-berlin.de
clt.ak.tu-berlin.de
ubsrvweb19.ub.tu-berlin.de
ace-nebenblock4.tubit.tu-berlin.de
logs.e-relaunch.tu-berlin.de
ace-hauptblock2.tubit.TU-Berlin.DE
ace-nebenblock5.tubit.tu-berlin.de
sichere-stromnetze-durch-monitoring.de
www3.tu-berlin.de
jenkins.dai-labor.de
proxy-tc-04.intern.tu-berlin.de
pam2018.inet.berlin
ace-hauptblock4.tubit.tu-berlin.de
video.isis.tu-berlin.de
hds.voip.tu-berlin.de
ldap-vm1.tu-berlin.de
cloud.tdu.tu-berlin.de
teambe.zecm.tu-berlin.de
ace-nebenblock5.tubit.tu-berlin.de
ns.tu-berlin.de
apt.tubit.win.tu-berlin.de

Certificate

The complete raw certificate details for diginet-services.aot.tu-berlin.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgIMH11WXWtFEwu6OLvWMA0GCSqGSIb3DQEBCwUAMIGNMQsw
CQYDVQQGEwJERTFFMEMGA1UECgw8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLDAdERk4t
UEtJMSUwIwYDVQQDDBxERk4tVmVyZWluIEdsb2JhbCBJc3N1aW5nIENBMB4XDTE4
MDcwNTA4MzczN1oXDTIwMTAwNzA4MzczN1owgZgxCzAJBgNVBAYTAkRFMQ8wDQYD
VQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjEnMCUGA1UECgweVGVjaG5pc2No
ZSBVbml2ZXJzaXRhZXQgQmVybGluMRIwEAYDVQQLDAlEQUktTGFib3IxKjAoBgNV
BAMMIWRpZ2luZXQtc2VydmljZXMuYW90LnR1LWJlcmxpbi5kZTCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAMWIKRTyh/LblL9k3hWMxFVDqSHSC+4bdJQ/
PzEPhrYl3KnUIciyFGw+Sq1xgkug7T066PjMLznNSsdj/oJUUBbY5wzgQvpquyJo
/ZxOfZCulSxVamLxaahF/T9OGWeatOpi80JJvoImYFZyOLbqIKv5pV/16J/T+5b+
lCI2+hkEtNoIPdKfgVJHKLoePtq9nmFWznM43ma4rQQ9tsDCTK1D+ZTIBh7JmRUK
SMORKQux25dUVuIR3IBWkYZJ2k1Bm4hHMcMm2WFyfDPegvLwUFQyy25ei2fG9KSs
EiOmvZYvXWdRd9PFp/JadEBel24wBRD80QnPGcksjpWLeaqO80mw0W+wEYRVSFI+
WMcmv0U4uSjIHlLV7CfqbCZSnF+CZHJsdN4r0Yje6azwPKBkUaaHf+gssF4nVOGG
YUYPnNtXlkvNqHcfRfiIgKZmaVys7esr2CAGJdBRWktg8CPrPwrfxzwTgNDbuwWO
DO8AmRIYy3Nk9PFAEpy7nXEj0eaAPmWIUYQq0hm3VWATmsulYUph9T5IZ9g5ymx0
6nM33Fwh8EmzpTGgKe4kK5KmXv3zODURdmz2nrQwGhxrBHEw5mshTaa0PxX151w0
J+n1UZRZ7cfgMLLk7fsfs/RsjsSoe7KpxXOAS/c3/aL2nDzFUN2R3r7kEdhdYcaZ
9B8pwpVHAgMBAAGjggK8MIICuDBZBgNVHSAEUjBQMAgGBmeBDAECAjANBgsrBgEE
AYGtIYIsHjAPBg0rBgEEAYGtIYIsAQEEMBEGDysGAQQBga0hgiwBAQQDCDARBg8r
BgEEAYGtIYIsAgEEAwgwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0l
BAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFEiw97XrH4u/lCaE41k+iVZMNkrbMB8G
A1UdIwQYMBaAFGs6mIv58lOJ2uCtsjIeCR/oqjt0MGgGA1UdEQRhMF+CIWRpZ2lu
ZXQtc2VydmljZXMuYW90LnR1LWJlcmxpbi5kZYIbZGlnaW5ldC1zZXJ2aWNlcy5k
YWktbGFiLmRlgh1kaWdpbmV0LXNlcnZpY2VzLmRhaS1sYWJvci5kZTCBjQYDVR0f
BIGFMIGCMD+gPaA7hjlodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2Rmbi1jYS1nbG9i
YWwtZzIvcHViL2NybC9jYWNybC5jcmwwP6A9oDuGOWh0dHA6Ly9jZHAyLnBjYS5k
Zm4uZGUvZGZuLWNhLWdsb2JhbC1nMi9wdWIvY3JsL2NhY3JsLmNybDCB2wYIKwYB
BQUHAQEEgc4wgcswMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUv
T0NTUC1TZXJ2ZXIvT0NTUDBJBggrBgEFBQcwAoY9aHR0cDovL2NkcDEucGNhLmRm
bi5kZS9kZm4tY2EtZ2xvYmFsLWcyL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBJBggr
BgEFBQcwAoY9aHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tY2EtZ2xvYmFsLWcy
L3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkq
hkiG9w0BAQsFAAOCAQEAbOtnWQ4s65VnAvYFVURIA2g2UlVc3KbGjCIvqAt1upCP
9x1F21/rOoY3nzQGhoaIvJh32U2Lep4r14loL8X2BoSbstks+YJcBvZ//uknt5We
yLmSg3PlKAGqV5YnLmW9qymaAx3aCyO999PZItDo6kAuD1jfW8jSfz/FHHpPoYIw
wZVEYZyI23C6W3hJZvrfZb/CvXAzEPr5gyHnppOqJU9cXi1lL58a8mKHhWKksgux
fhuRXAL7PE2ebHY7rgOQeBmYROp/s+at0MJUpc7xqG6IFjDkM63VTxlmt98vuXwI
Nxxk915LTH7NrZ1C7rikV3BqPpDLkv+jsupdQlmYmQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxYgpFPKH8tuUv2TeFYzE
VUOpIdIL7ht0lD8/MQ+GtiXcqdQhyLIUbD5KrXGCS6DtPTro+MwvOc1Kx2P+glRQ
FtjnDOBC+mq7Imj9nE59kK6VLFVqYvFpqEX9P04ZZ5q06mLzQkm+giZgVnI4tuog
q/mlX/Xon9P7lv6UIjb6GQS02gg90p+BUkcouh4+2r2eYVbOczjeZritBD22wMJM
rUP5lMgGHsmZFQpIw5EpC7Hbl1RW4hHcgFaRhknaTUGbiEcxwybZYXJ8M96C8vBQ
VDLLbl6LZ8b0pKwSI6a9li9dZ1F308Wn8lp0QF6XbjAFEPzRCc8ZySyOlYt5qo7z
SbDRb7ARhFVIUj5Yxya/RTi5KMgeUtXsJ+psJlKcX4Jkcmx03ivRiN7prPA8oGRR
pod/6CywXidU4YZhRg+c21eWS82odx9F+IiApmZpXKzt6yvYIAYl0FFaS2DwI+s/
Ct/HPBOA0Nu7BY4M7wCZEhjLc2T08UASnLudcSPR5oA+ZYhRhCrSGbdVYBOay6Vh
SmH1Pkhn2DnKbHTqczfcXCHwSbOlMaAp7iQrkqZe/fM4NRF2bPaetDAaHGsEcTDm
ayFNprQ/FfXnXDQn6fVRlFntx+AwsuTt+x+z9GyOxKh7sqnFc4BL9zf9ovacPMVQ
3ZHevuQR2F1hxpn0HynClUcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9706873252480188564733737942
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-PKI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DFN-Verein Global Issuing CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-05 08:37:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-07 08:37:37 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Technische Universitaet Berlin'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DAI-Labor'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'diginet-services.aot.tu-berlin.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 805859749672347096237658828561262395175888800210832614130787305966223422702696459442783047020424042162911743562388884330286692683437467147142744017252996168031330347660359475350210694209327704827360138316442037380514832977727348342928326648706087520169426177157198919149484675449535894611770615206045282773429771923988021034767990890904422033574550490587314389971196943413432428143451526609882782779810729588343306567072087727591060291890104613738079900062072025090878230309453166997466621431716064816556909838147219010563154387577872752262367973962025528081413192267753113270544792378547852479725669040740952656621617538206166420825550070941882597589704583628322473902327443263165468794103590646907328283300086502308147677925531621756415181778738208211528730606860733964108692334255066058860513076573254544764693048447642722824626495212263424786772806638031963892442350194414368012967417487313423774341982167296712186236173464081465650199781953673465926144705570766079041071448323351518337711968719125350579626342489948743444958270346703833784944809066287955063134347063890118926169091606957864407826308697380295794603758081360625735783401102541299250902551454148946640650077065738061458010612950718144163564131557009851059888362823
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.30
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.1.1.4.3.8
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.22177.300.2.1.4.3.8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							48b0f7b5eb1f8bbf942684e3593e89564c364adb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6b3a988bf9f25389dae0adb2321e091fe8aa3b74
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diginet-services.aot.tu-berlin.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diginet-services.dai-lab.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diginet-services.dai-labor.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/crl/cacrl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pca.dfn.de/OCSP-Server/OCSP'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-ca-global-g2/pub/cacert/cacert.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006ceb67590e2ceb956702f60555444803683652555cdca6c68c222fa80b75ba908ff71d45db5feb3a86379f3406868688bc9877d94d8b7a9e2bd789682fc5f606849bb2d92cf9825c06f67ffee927b7959ec8b9928373e52801aa5796272e65bdab299a031dda0b23bdf7d3d922d0e8ea402e0f58df5bc8d27f3fc51c7a4fa18230c19544619c88db70ba5b784966fadf65bfc2bd703310faf98321e7a693aa254f5c5e2d652f9f1af262878562a4b20bb17e1b915c02fb3c4d9e6c763bae039078199844ea7fb3e6add0c254a5cef1a86e881630e433add54f1966b7df2fb97c08371c64f75e4b4c7ecdad9d42eeb8a457706a3e90cb92ffa3b2ea5d42599899