www.kersting-heidorn.de
Issued by Starfield Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 10:08:41:5b:6e:12:a6:d8 was issued on by Starfield Technologies, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.kersting-heidorn.de
Starfield Technologies, Inc.
Organization:
Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
Organization unit: http://certs.starfieldtech.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 10:08:41:5b:6e:12:a6:d8Serial Number (int): 1155245165365077720
Serial Number lenght: 61 bits, 8 octets
SubjectKeyId: 4f:27:d9:7b:d7:9a:5c:5d:9c:e1:fa:64:1d:c4:e4:b5:cc:8a:fd:4f
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63
Fingerprint (sha1): 11:82:b9:de:bc:47:73:2f:a2:57:34:ba:4f:b5:62:05:d4:3b:37:bf
Fingerprint (sha256): ff:f8:bf:3e:32:ae:f4:cd:9f:c4:4a:80:88:ca:df:47:0f:c6:02:87:47:84:3b:5d:37:37:9d:d1:b0:4a:23:f4
Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt
Revocation information
OCSP Server: http://ocsp.starfieldtech.com/CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-660.crl
Check the revocation status for certificate www.kersting-heidorn.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kersting-heidorn.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kersting-heidorn.de
kersting-heidorn.de
kersting-heidorn.de
Other certificates including the domain name kersting-heidorn.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.kersting-heidorn.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH0DCCBrigAwIBAgIIEAhBW24SptgwDQYJKoZIhvcNAQELBQAwgcYxCzAJBgNV BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUw IwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypo dHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNV BAMTK1N0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIw HhcNMjQwMTAzMTExNzExWhcNMjUwMTAxMjMwMTM1WjAiMSAwHgYDVQQDExd3d3cu a2Vyc3RpbmctaGVpZG9ybi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC ggIBAMrIPzNslcXP8zfRqOUWnfEracrk031Nh/0YJpE3roeL6PzfvhKFKwslDByV vZyiRTaWZRaypk4c1ardz8Gl0w5EMEqCmE+lID98/Jf6VbETeC7FIJlzr+bauvV5 YtsdCBWbvTs1a1YKWnDHKRWwoGyPN5sV9f7ZRY8hUZ2W9swyXKg2hDIc+eQ1YRX+ RPimCoRU6GV9cG56JnLq9XtAghwB0HD1UCbDlT+fzLzLjEBp0+hNEPUy7DTdHjw8 GJ0P03bG4hEo6ie0ONGNLkVZXlBYCOs4QswUqiU+T4bynT0ifCLgVRMjcOnDtqdU IUtvpd/PbLqvcO3jruV4RUMypEuN7TFOqSY5eRvUf2OD3RA0NR02Rokn+Ux/aCjR /2q1OCJ1zKOZq38hED1OE99t7v85ZxP+XbRrCp1TH1QNaUNqw4WTMQqXKAGRuL7s jJTZnp8QTvf591uWYnMF7uYcx6dzgmZddr6SgQ/Ha0HiVs4DavMAQN3b4SYlWSNg CN76+XnkFMhG5lazUMeJW3IduSBjMrI1a7cuICdUU3fmgUU+k9zPnPTiL3xzXLCv hv2uO7e+qV3rx55zgPyNoQWIP/Fbc/6DeFOH6cRaELb1MS25OtnLlDQXTA9rOqTJ ILaBWQCj031jlLSjpMjuJMRugrN9RR4yi881AIVhvswgw5pJAgMBAAGjggNjMIID XzAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAO BgNVHQ8BAf8EBAMCBaAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zdGFy ZmllbGR0ZWNoLmNvbS9zZmlnMnMxLTY2MC5jcmwwYwYDVR0gBFwwWjBOBgtghkgB hv1uAQcXATA/MD0GCCsGAQUFBwIBFjFodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJm aWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATCBggYIKwYBBQUHAQEE djB0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbS8w RgYIKwYBBQUHMAKGOmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5j b20vcmVwb3NpdG9yeS9zZmlnMi5jcnQwHwYDVR0jBBgwFoAUJUWBaFAmOD07LSy+ zWrZtj2zZmMwNwYDVR0RBDAwLoIXd3d3LmtlcnN0aW5nLWhlaWRvcm4uZGWCE2tl cnN0aW5nLWhlaWRvcm4uZGUwHQYDVR0OBBYEFE8n2XvXmlxdnOH6ZB3E5LXMiv1P MIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdgBOdaMnXJoQwzhbbNTfP1LrHfDg jhuNacCx+mSxYpo53wAAAYzPCquHAAAEAwBHMEUCIACz5DZzaqa7kSi2x05r/aoJ ttyYT/yzSkQgOZHWgHugAiEAoWeY+rvS5eRoVQKGBXG2J2bDa72AXTk5BveuAbUF 6y0AdQB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAYzPCqx2AAAE AwBGMEQCIEts76hsY/rA82fi2RHQOG7f6nqgOFYHmq7Fr2ekjXbpAiA/iZ7L6NPl x202rhHJmmbE3IWfptR5Q08muWR0GfhLPwB1AObSMWNAd4zBEEEG13G5zsHSQPaW hIb7uocyHf0eN45QAAABjM8KrUoAAAQDAEYwRAIgUgJhVf5Xm2UNa53WUnxtLbEh HtS+8Y46Pt5zt2WMjK8CIELML9aBUnGvjA61d6KoyU8EZlWTBxXiMWVSbdZwZC8/ MA0GCSqGSIb3DQEBCwUAA4IBAQBWDMsitthg4DK7wFocbk7o2Q4OUYU0jVkletRD Z/g92Jkl1MJVtkFzgdpPkxcjc5vOJOAPAEDWQxpFISoEqhYjYXMHnClSRg5I7yJ4 lqVo3is8qQCq74FlYU33qFeJD66HokAarttCRaYcvXneCD50AZ5RAx+4c4NsoZgp 1T9PlEq93FowEylKWPLdmO5I1xn+sB0TlgesRVAHJBZnmEfZW7s4G8cVfWPZDCJF +HwG6z+9Ni2YxJTUvpCQAK784QzqSJHAbywaeNB/omoO58Y3h5MzNo01WWLvjKWo a3pF4aE7ZjMqgxHKsA3hVUpFUDfBGN/PKcU6OjOWhpm4w2Fo -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAysg/M2yVxc/zN9Go5Rad 8StpyuTTfU2H/RgmkTeuh4vo/N++EoUrCyUMHJW9nKJFNpZlFrKmThzVqt3PwaXT DkQwSoKYT6UgP3z8l/pVsRN4LsUgmXOv5tq69Xli2x0IFZu9OzVrVgpacMcpFbCg bI83mxX1/tlFjyFRnZb2zDJcqDaEMhz55DVhFf5E+KYKhFToZX1wbnomcur1e0CC HAHQcPVQJsOVP5/MvMuMQGnT6E0Q9TLsNN0ePDwYnQ/TdsbiESjqJ7Q40Y0uRVle UFgI6zhCzBSqJT5PhvKdPSJ8IuBVEyNw6cO2p1QhS2+l389suq9w7eOu5XhFQzKk S43tMU6pJjl5G9R/Y4PdEDQ1HTZGiSf5TH9oKNH/arU4InXMo5mrfyEQPU4T323u /zlnE/5dtGsKnVMfVA1pQ2rDhZMxCpcoAZG4vuyMlNmenxBO9/n3W5ZicwXu5hzH p3OCZl12vpKBD8drQeJWzgNq8wBA3dvhJiVZI2AI3vr5eeQUyEbmVrNQx4lbch25 IGMysjVrty4gJ1RTd+aBRT6T3M+c9OIvfHNcsK+G/a47t76pXevHnnOA/I2hBYg/ 8Vtz/oN4U4fpxFoQtvUxLbk62cuUNBdMD2s6pMkgtoFZAKPTfWOUtKOkyO4kxG6C s31FHjKLzzUAhWG+zCDDmkkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1155245165365077720 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-03 11:17:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-01 23:01:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kersting-heidorn.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 827279257949782039119552897956065698020419921068091031326020197334925373159888593972110893947136725566872334597564864691650353743756920778937402898034242728640688651054577972814848788257341511682943885338848973667323768379887003300180524010059718453926083748752136647265198672053082661803971771044208785083717034678188289619937239414134188104937286456839415468218948981010533170512569818446940795604363703919114692552405098856106592417267690380628701227436521668136489092904209551175418299753670880889242769037884452468207612373120803553829558619718750084082137262690216047922061672903744950677717295134432549791692475170271293324345966491629482657521571400469524972125129996027524053564598763541624692443628083434984960242587574599342375601331528820405819442667230387318279290241538579739965404914221041987926433382733271432177360490907227839698164080796162440629514384045172966808164193106067184482606973668512368035690376856029990402350424428735087719267324487988060638309562951793394488071085041871966456541806000267021254603699280863318211075766337097897083092880614882129848957211175772062403278822213395541806298133203417718339486066213185916125429846353173385116820697938907707031491626263013655230680894301696248528446397001 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-660.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kersting-heidorn.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kersting-heidorn.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4f27d97bd79a5c5d9ce1fa641dc4e4b5cc8afd4f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 01660076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ccf0aab870000040300473045022000b3e436736aa6bb9128b6c74e6bfdaa09b6dc984ffcb34a44203991d6807ba0022100a16798fabbd2e5e4685502860571b62766c36bbd805d393906f7ae01b505eb2d0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ccf0aac76000004030046304402204b6cefa86c63fac0f367e2d911d0386edfea7aa03856079aaec5af67a48d76e902203f899ecbe8d3e5c76d36ae11c99a66c4dc859fa6d479434f26b9647419f84b3f007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018ccf0aad4a0000040300463044022052026155fe579b650d6b9dd6527c6d2db1211ed4bef18e3a3ede73b7658c8caf022042cc2fd6815271af8c0eb577a2a8c94f046655930715e23165526dd670642f3f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00560ccb22b6d860e032bbc05a1c6e4ee8d90e0e5185348d59257ad44367f83dd89925d4c255b6417381da4f931723739bce24e00f0040d6431a45212a04aa16236173079c2952460e48ef227896a568de2b3ca900aaef8165614df7a857890fae87a2401aaedb4245a61cbd79de083e74019e51031fb873836ca19829d53f4f944abddc5a3013294a58f2dd98ee48d719feb01d139607ac4550072416679847d95bbb381bc7157d63d90c2245f87c06eb3fbd362d98c494d4be909000aefce10cea4891c06f2c1a78d07fa26a0ee7c637879333368d355962ef8ca5a86b7a45e1a13b66332a8311cab00de1554a455037c118dfcf29c53a3a33968699b8c36168