I hope it's ok if I answer my question on my own for all who read this post. On friday I registered on IANA a private enterprise number (pen).
You can do this here: https://pen.iana.org/pen/PenApplication.page
It's absolutly for free. I received my number for "Einfaches Netzwerk" a few hours later via e-mail.
After a day or so you can find your number on a really hugh list here: https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers.
Mine looks like this
Now I am able to build my own OID with the prefix: iso.org.dod.internet.private.enterprise (1.3.6.1.4.1) > 1.3.6.1.4.1.52765 (the prefix is listed on the site above on the top).
Behind this OID you can add additional nubmers according to your certification policy statement (cps.txt). For example:
1.3.6.1.4.1.52765.1.1 > Client certificates
1.3.6.1.4.1.52765.1.2 > Server certificates
1.3.6.1.4.1.52765.1.3 > EFS and so on.
You can find a cps template here: https://www.globalsign.com/en/repository/TrustedRoot Template CPS.pdf
You only need a public OID if your organization plans with other organzations to use PKI-enabled applications. It this case you need an OID which is unique on the internet.
...Dietmar