cusmsp-phoenix.swisscom.ch

- Swisscom (Schweiz) AG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 4b:19:d2:ce:ba:b8:36:6c:1e:37:ec:c8:d0:1f:a0:62:94:8e:b9:d4 was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Swisscom (Schweiz) AG

Organization: Swisscom (Schweiz) AG
State / Province: BE
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 4b:19:d2:ce:ba:b8:36:6c:1e:37:ec:c8:d0:1f:a0:62:94:8e:b9:d4
Serial Number (int): 428750190368157378915220517037793300820769290708
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 79:01:60:29:48:cd:c2:76:f1:38:d9:23:02:3f:5f:e9:06:6a:6d:83
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 59:5f:e5:24:9c:3e:81:4b:5a:b6:48:ef:a8:0b:3a:d7:a1:49:75:8b
Fingerprint (sha256): 00:b9:70:ad:33:ef:76:5f:6a:59:d3:d1:af:57:2c:66:f0:68:aa:fe:1d:79:cb:68:0a:fa:02:f8:d4:ef:ca:b7

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate cusmsp-phoenix.swisscom.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cusmsp-phoenix.swisscom.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cusmsp-phoenix.swisscom.ch
cusmsp-phoenix.sn.swisscom.ch

Other certificates including the domain name swisscom.ch

(limited to 100 certificates)
olr-stag.swisscom.ch
twint-prd.swisscom.ch
cms.staging.entertainment.swisscom.ch
email.swisscom.ch
cp.cspp.swisscom.ch
spscms4linux02.exotrack.swisscom.ch
tvnow.swisscom.ch
internetbox-nas.staging.swisscom.ch
issue.swisscom.ch
secure04.stage.lithium.com
blockchain.swisscom.ch
partner-authz-staging.swisscom.ch
netzausbaukarte.swisscom.ch
magazin.swisscom.ch
i.swisscom.ch
docsafe-beta.swisscom.com
twint-prd.swisscom.ch
cusmsp-phoenix.swisscom.ch
ssc1.imst.swisscom.ch
octane.swisscom.ch
*.portal.bankinghub.swisscom.ch
gaia-gateway.vega.m6s.swisscom.ch
iot.vodafone.swisscom.ch
sbc1-emea-che-zhh.teamsa.swisscom.ch
ccs.join.swisscom.ch
*.tcsbc02.teamsa.swisscom.ch
multi.swisscom.ch
l2.shared.global.fastly.net
bcs.join.swisscom.ch
secure05.lithium.com
wast.swisscom.ch
sdx.swisscom.ch
identity.phoenix.m6s.swisscom.ch
ccs.join.swisscom.ch
partner-authz.swisscom.ch
l2.shared.global.fastly.net
global-portal-dev.swisscom.ch
l2.shared.global.fastly.net
btbcs.swisscom.ch
tools.swisscom.ch
l2.shared.global.fastly.net
ssc1.ims.swisscom.ch
internetbox-nas.staging.swisscom.ch
lite.m2m.swisscom.ch
vimaphet-dasbc1.joind.swisscom.ch
extranet-acc.swisscom.ch
extranet-int.swisscom.ch
shop.swisscom.ch
secure05.stage.lithium.com
internetbox-nas.swisscom.ch
media.oid.swisscom.ch
5670976570261504-fe4.pantheonsite.io
acs.joind.swisscom.ch
secure04.stage.lithium.com
dis.swisscom.ch
wrc.joind.swisscom.ch
*.iotcloud.swisscom.com
*.tasbc01.teamsd.swisscom.ch
sensu-backend-8.exotrack.swisscom.ch
simple2.swisscom.ch
secure04.stage.lithium.com
srv04795.int.bkw.ch.exotrack.swisscom.ch
5754818358411264-fe2.pantheonsite.io
issue-int.swisscom.ch
l2.shared.global.fastly.net
wmt5443.conferencing.swisscom.ch
check.swisscom.ch
clientrvk.testweb38.swisscom.ch
tpe-staging.swisscom.ch
marketplace.bankinghub.swisscom.ch
inone-game.swisscom.ch
check.swisscom.ch
dns-vetting1e.map.fastly.net
handyhilfe.swisscom.ch
secure04.stage.lithium.com
hpalm-app-prd.swisscom.ch
cockpit.dev1.swisscom.ch
secure05.stage.lithium.com
rtc-dis.swisscom.ch
het-cds.swisscom.ch
mds01.swisscom.ch
www.survey.swisscom.ch
testweb39.swisscom.ch
b2b-events.swisscom.ch
wfmweb.swisscom.ch
tv-thankyou.swisscom.ch
inone.swisscom.ch
buyback.swisscom.ch
secure04.stage.lithium.com
stag-messagingproxy.swisscom.ch
secure05.lithium.com
oms-tst.omsaas.swisscom.ch
cockpit.swisscom.ch
vergleich-server-cloud.swisscom.ch
buyback.swisscom.ch
hipchat.swisscom.ch
regapi-1olb.swisscom.ch
stream.swisscom.ch
repairmanager.swisscom.ch
robotics.swisscom.ch

Certificate

The complete raw certificate details for cusmsp-phoenix.swisscom.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHlTCCBX2gAwIBAgIUSxnSzrq4NmweN+zI0B+gYpSOudQwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDQwMzA3
NTk0OVoXDTI1MDQwMzA3NTk0OVowbjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF
MQ0wCwYDVQQHDARCZXJuMR4wHAYDVQQKDBVTd2lzc2NvbSAoU2Nod2VpeikgQUcx
IzAhBgNVBAMTGmN1c21zcC1waG9lbml4LnN3aXNzY29tLmNoMIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEAtxFCJS6Xo/pRjFc/bZO0BAzaNTTsO829ept9
RTVX4ukEd0o9kBHTy3HJiq5kZIo5AEsIot5ApcGM8RLB1k4/F0xYia88sBAEEc9v
oGXO3c+Cm1tHA/XigsPG8n3V3dOWlkq2X657zqysnLGm8YRI76rMdzRg9fV2doIQ
Vv/ftTrMnOyOcfV3JPzAO6P0iO+Qp2mQstUchc3efHuFRvNp7OUt35B3cyQhSMOg
o63ZD5uBZPaC3at/BGWDVjBV4mPnkgjd1pxJopO1zFOaSfiWTYN88ndywEy1+MnC
J47KfFuUMUtNBZSx2/7biDDWN1mk5/aato9rwbXrTviOLLSWb252hA7q9cUQlIp1
ZZNn8ongQdlEF5yUXP/eSylDJNsVF8pVLWwmVIjjh5snyKBnTQn+bRFmdv003pWh
L5nMnSIq8oUWzAyRMxxaaHMb8hDd8r0DW8e5FKz6aP/W91qNQBckNJ4/4pc/nuAP
nUaFxnEyjJjYBKWwdSzqJkC9RQ8c3+pNUE46OHlYIHGEEQb8dFkZVQ4D0jmx+Bu0
AGQ2mZ0ao2iBaEAMzNmHH/y7Gx/wtx9+9XgCdTa9V3hW4YtjQqFOE/CSh+xIgYIj
rRVmwgTKvi1Vn+JyF+f4TAou8BjwB45Gq5vvVigFlj5qTi1n+fL1UviiEOpe5G23
SC4R6GMCAwEAAaOCAkcwggJDMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcw
AoZAaHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTBmMmJmOWE1LWRkMzctNDhj
OS1hODViLTEyYWNkY2I4YmU0NTBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dp
c3NzaWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlh
YjczZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECAjAIBgYEAI96AQcwUAYIYIV0AVkC
AQIwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5j
b20vU3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6
Ly9jcmwuc3dpc3NzaWduLmNoL2NkcC05NmI2MmY1YS02YjczLTRkYTQtODdmNy1j
ZTQwMDJjMWNkMzQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1Ud
DwEB/wQEAwIFoDBEBgNVHREEPTA7ghpjdXNtc3AtcGhvZW5peC5zd2lzc2NvbS5j
aIIdY3VzbXNwLXBob2VuaXguc24uc3dpc3Njb20uY2gwHQYDVR0OBBYEFHkBYClI
zcJ28TjZIwI/X+kGam2DMB8GA1UdIwQYMBaAFHxvCm8TD9mMJG8mNPNca0NttyO2
MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQB5eAESUGSw
AZehcgYfHs5xeiNm/krEvty3MSowXzZy4oI0VqtwCaY5z9y1X3j9dngqiR890UYE
3zzInu3R5Jf0TCapdAQQ81rRyx5eztlvkxfOY9z4QehHWPPNif9xG2ace77SmOPn
iKjHEYSZXY0mm8fq+r8HO6d1dta9NPInbfmf0U2PsiIVqsg0xOZuy96zKyBmuhg5
VCKPkxktmTPBfApx0KZp1+ZG6vkBp7+gS4MScLfIxrpBBGaNSMKPrjFo7uufpG+i
3SZpgeGFKTQNruqlA8kCNecYfT/bAzai/cc769ytplkJvQhPQ5o/HhqLfgyMt4Bl
K/ymYPtkgjQ6CkO8TeFw3WnefHWhxm5up7l3h9TRHtJntkY3NshwG8zbmc4W3m5F
41t1IeLPDZX/6WoZlTYDpJhKbsV09F3mVjWap9GAmLMUNbDnewrkHXSu+p3QyNju
f8FiQSELQcyApNYtTzs8qIMZZtnGcsXc0r/5PUf+jwERXNUJ22cw0fmwk+jFD1nl
pHqN3I8EyCHUUFX+AZpaSsFZNMyWUZkYc4alqifK1zjeNRRp4+2AAWvhy1smjMAO
2Tlxr1q2qEZbL9H2TykHb/ekdf1XF5T+UF+ibyM6snsnAHUZBq+B4mNRgS+NehND
5hTfQU9XfFbz2NeHriU9Id6Uo7sDy+vMNg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtxFCJS6Xo/pRjFc/bZO0
BAzaNTTsO829ept9RTVX4ukEd0o9kBHTy3HJiq5kZIo5AEsIot5ApcGM8RLB1k4/
F0xYia88sBAEEc9voGXO3c+Cm1tHA/XigsPG8n3V3dOWlkq2X657zqysnLGm8YRI
76rMdzRg9fV2doIQVv/ftTrMnOyOcfV3JPzAO6P0iO+Qp2mQstUchc3efHuFRvNp
7OUt35B3cyQhSMOgo63ZD5uBZPaC3at/BGWDVjBV4mPnkgjd1pxJopO1zFOaSfiW
TYN88ndywEy1+MnCJ47KfFuUMUtNBZSx2/7biDDWN1mk5/aato9rwbXrTviOLLSW
b252hA7q9cUQlIp1ZZNn8ongQdlEF5yUXP/eSylDJNsVF8pVLWwmVIjjh5snyKBn
TQn+bRFmdv003pWhL5nMnSIq8oUWzAyRMxxaaHMb8hDd8r0DW8e5FKz6aP/W91qN
QBckNJ4/4pc/nuAPnUaFxnEyjJjYBKWwdSzqJkC9RQ8c3+pNUE46OHlYIHGEEQb8
dFkZVQ4D0jmx+Bu0AGQ2mZ0ao2iBaEAMzNmHH/y7Gx/wtx9+9XgCdTa9V3hW4Ytj
QqFOE/CSh+xIgYIjrRVmwgTKvi1Vn+JyF+f4TAou8BjwB45Gq5vvVigFlj5qTi1n
+fL1UviiEOpe5G23SC4R6GMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 428750190368157378915220517037793300820769290708
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 07:59:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-03 07:59:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Swisscom (Schweiz) AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cusmsp-phoenix.swisscom.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 746849895881230647958594086459424179845902207400157278941086686286891577326980472329052141734975067345626707600204673711948257714156821197951790949373881999443324497199840943535136312621440356617883957032600009172407708419205472813854309836826019171328916046074233722618365224642129051766485041504828842768245927917708414162406355931652989198087891788345578737477105754130653138609849935943834356093389438193582331499501361316507451883209355452439667623406459093183036370437741826476557794361781403083622631081750848847133741766946759614145645853342203312905308377324914865531580880015856961820564454203690272533608929913588818475577295076577394358770292174781114879692067289499718852011121404395726929221138247165442351267007442002637979107001924884421961594555108314960257062830288408172646916185602698848721339638056139105451405823675221756177283638854070402652598910749068534845880841187392087843970449906037964181656651110845203990626372456604814520712081722500474606415349666110560404013533607435410159774199365767053948863246789172574305828020360281789462257099816511570242919272130345573443511128407241405616122608129532689247781800027321447826013966954084495312410054844983453516667408412027047995040501988097502521538504803
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cusmsp-phoenix.swisscom.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cusmsp-phoenix.sn.swisscom.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7901602948cdc276f138d923023f5fe9066a6d83
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00797801125064b00197a172061f1ece717a2366fe4ac4bedcb7312a305f3672e2823456ab7009a639cfdcb55f78fd76782a891f3dd14604df3cc89eedd1e497f44c26a9740410f35ad1cb1e5eced96f9317ce63dcf841e84758f3cd89ff711b669c7bbed298e3e788a8c71184995d8d269bc7eafabf073ba77576d6bd34f2276df99fd14d8fb22215aac834c4e66ecbdeb32b2066ba183954228f93192d9933c17c0a71d0a669d7e646eaf901a7bfa04b831270b7c8c6ba4104668d48c28fae3168eeeb9fa46fa2dd266981e18529340daeeaa503c90235e7187d3fdb0336a2fdc73bebdcada65909bd084f439a3f1e1a8b7e0c8cb780652bfca660fb6482343a0a43bc4de170dd69de7c75a1c66e6ea7b97787d4d11ed267b6463736c8701bccdb99ce16de6e45e35b7521e2cf0d95ffe96a19953603a4984a6ec574f45de656359aa7d18098b31435b0e77b0ae41d74aefa9dd0c8d8ee7fc16241210b41cc80a4d62d4f3b3ca8831966d9c672c5dcd2bff93d47fe8f01115cd509db6730d1f9b093e8c50f59e5a47a8ddc8f04c821d45055fe019a5a4ac15934cc965199187386a5aa27cad738de351469e3ed80016be1cb5b268cc00ed93971af5ab6a8465b2fd1f64f29076ff7a475fd571794fe505fa26f233ab27b2700751906af81e26351812f8d7a1343e614df414f577c56f3d8d787ae253d21de94a3bb03cbebcc36