dh-auth.apis.post.ch

- Die Schweizerische Post AG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 3a:22:56:54:ce:74:ff:bf:9c:79:80:19:6b:e5:14:be:b1:54:76:65 was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Die Schweizerische Post AG

Organization: Die Schweizerische Post AG
State / Province: BE
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 3a:22:56:54:ce:74:ff:bf:9c:79:80:19:6b:e5:14:be:b1:54:76:65
Serial Number (int): 331887210559270147095114327624073790066894599781
Serial Number lenght: 158 bits, 20 octets

SubjectKeyId: cf:34:c4:39:8a:75:4d:88:ea:1d:fb:04:c7:3d:f8:7a:2c:27:4b:24
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 4e:9d:bc:ce:a0:a5:74:12:75:2d:7f:2d:3c:17:1f:de:05:94:b5:18
Fingerprint (sha256): 01:11:34:6d:86:08:54:e0:81:ba:94:10:d2:98:9b:9d:a4:59:7b:76:a8:2b:cc:5b:26:12:12:05:e9:4b:ec:54

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate dh-auth.apis.post.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dh-auth.apis.post.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dh-auth.apis.post.ch

Other certificates including the domain name post.ch

(limited to 100 certificates)
fakeext.post.ch
zwab-int.post.ch
moodle.pa.post.ch
mova.post.ch
webfocus.post.ch
digitaler-posteingang.post.ch
securepost.post.ch
filialemitpartner.post.ch
moodle.pa.post.ch
e-collaboration-int.post.ch
jobs-int.post.ch
m-extranet.post.ch
xray.tools.post.ch
directpoint.post.ch
places.post.ch
new.post.ch
mapservice.post.ch
wohnen-franklinplatz.post.ch
wwwsc.post.ch
gandalf.apis.post.ch
billingonline-dev.post.ch
dh-auth.apis.post.ch
cinfoni-germany.innovation.post.ch
loginint.post.ch
file-intpa-cms.post.ch
agentur-int.post.ch
gitit.post.ch
zubofi.apis-dev.post.ch
ef-testix.post.ch
transport-service.post.ch
directpoint.post.ch
ci-euw1.ireland.delivery.aimatch.net
accountint2.post.ch
address.apis-test.post.ch
docucenterint.post.ch
ci-euw1.ireland.delivery.aimatch.net
msmgateway-int.post.ch
uaasapp3rsa.post.ch
epostoffice3.post.ch
static.post.ch
location-poste-martigny.post.ch
uaasapp3rsadev2.post.ch
crypto-stamp.post.ch
gabi.apis-test.post.ch
nemoauth-test.post.ch
sorryrpz-int.post.ch
webservices-cashlog-int.post.ch
accountint1.post.ch
static.post.ch
cbt.externint.post.ch
wohnen-zollikofen.post.ch
directdayint.post.ch
apis.post.ch
gw.incamail-dev.post.ch
mx3.post.ch
salt-aboint.post.ch
ci-euw1.ireland.delivery.aimatch.net
postweb.post.ch
orgtool-int.post.ch
die-post-kann-mehrint.post.ch
erpcorp.apis-int.post.ch
schreibenint.post.ch
nemoint.post.ch
postzone.extern.post.ch
news-intern.post.ch
cockpitint2.post.ch
apitest.post.ch
mp24hub.apis.post.ch
servicetest.post.ch
mobilecodeservice.apis.post.ch
vsc.apis.post.ch
stb-test.innovation.post.ch
pccweb.apitest.post.ch
webtransferint.post.ch
agentur-int.post.ch
www.post.ch
laborsendungen.post.ch
facetoface.post.ch
ci-euw1.ireland.delivery.aimatch.net
ci-euw1.ireland.delivery.aimatch.net
digitaler-posteingangint.post.ch
e-mobilityint.post.ch
fdsbc.post.ch
tresorit.post.ch
gw.incamail-dev.post.ch
gewinnende-worte.post.ch
accountint2.post.ch
rasns01.post.ch
ident.apis-dev.post.ch
test.post.ch
e-commerce.post.ch
salt-aboint.post.ch
96749.post.ch
juravote-int.post.ch
sventest.post.ch
sventest.post.ch
patient.sanela.dh.post.ch
e-mobilityint.post.ch
sapmsint.post.ch
gollum.apis-dev.post.ch

Certificate

The complete raw certificate details for dh-auth.apis.post.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJVDCCBzygAwIBAgIUOiJWVM50/7+ceYAZa+UUvrFUdmUwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDIxMjA2
MDc0MVoXDTI1MDIxMjA2MDc0MVowbTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF
MQ0wCwYDVQQHDARCZXJuMSMwIQYDVQQKDBpEaWUgU2Nod2VpemVyaXNjaGUgUG9z
dCBBRzEdMBsGA1UEAxMUZGgtYXV0aC5hcGlzLnBvc3QuY2gwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQDS1m+ILtd+MI+wA0UwQv4HyhlVcim5SU8jchC7
dmb3Diy/L5eEunO+kRkYj4YhR8zYwewFv1kFLP8/rCV4gad0OCpduPr2W9w1JVs0
5INsF1H8LZIck1lGV/Yc0hxBufvlXdAIdIneVyDOv+mkfBglZds1zISR+XbcBsZ6
zEcujFVQdLBh/M0djTjWnymAQbBNE5M02JFL2KYneAJNZqsouz7NBYEJ4Aa7Dy2S
tRaVY8KI6ixLboCHa+epyukC3aYbQuxEGlRsweQ1taqYc1N/pqIRBWPwqRE2qyEP
P1+iEoGuOxo2CTxUrojAYbHevmMFJX0xycxKZexhELcw3s6cTM9xh7hvGOWm6+o+
gvy5ck6kdTB9Ib1wdheBm+9BwUHUE+fGLKoPCicHv47eSr+EnClM2G7OXRXHXhKc
Ak9qOWMAvPsowErlZKQB+mYfCgCkAgVkm46mnXIbfb5EMmDaf6WADTPekBnWaB3N
E4VHK7P/1r9961b8eIScnPuPOP3NrPOdokiRQUBWSNfscG5dzHADhKVAAz0W5lxC
OlHxq1SxgNb+JuI7sSo5Cea35Dz3sclpXFa2NRtkXEwH7UIQm+H8pxb11QVrd7vj
q1e4g7J7wfHCUR3xY+Wm4fX64Cri80YMCnRFumqVofXdz/izIkcxdQTSrfZexHXE
z1HdmQIDAQABo4IEBzCCBAMwgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAC
hkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5YTUtZGQzNy00OGM5
LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lz
c3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFi
NzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oBBzBQBghghXQBWQIB
AjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv
bS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDov
L2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNl
NDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P
AQH/BAQDAgWgMB8GA1UdEQQYMBaCFGRoLWF1dGguYXBpcy5wb3N0LmNoMB0GA1Ud
DgQWBBTPNMQ5inVNiOod+wTHPfh6LCdLJDAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRv
JjTzXGtDbbcjtjCCAfYGCisGAQQB1nkCBAIEggHmBIIB4gHgAHYAVYHUwhaQNgFK
6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAGNm+2vpgAABAMARzBFAiEAr+SBqUPA
57XXTkXYvxXKm4jTN8K7d2wqVwEYpCoanvcCIFU0om+zIk+i2WwEzyfqYcbliXuo
H6Te3zzpHPhrbPFJAHUAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgA
AAGNm+2xHwAABAMARjBEAiA+KcZlNm3tekwPO2SNigJQTzKSu/cgDzYtqFXJerwk
NwIgF/9+V45vCwcHahEPbrI2PSoDeF8tCj4fAAd5Dquqxq0AdgDM+w9qhXEJZf6V
m1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAY2b7bQBAAAEAwBHMEUCIHe4FIS2BXgs
jXKbeMRNFbGvk+matWTP4Z2YDcOSL3SlAiEA03OOyO7NDv5XvvaUHaVf7HHgHSw7
ATpADUkBY/ZHPQ0AdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAA
AY2b7bT3AAAEAwBIMEYCIQCxX+IDIWh8d6L1VYe17Ze2mO8+AuVK71MzNhBrkJYu
JwIhANz0QjwGFk7PiW1hyjA2ye+Cw0fpIxIiYzSnCk1pxH2IMA0GCSqGSIb3DQEB
CwUAA4ICAQB5b6qcRWwOhFstJgQhVzkanTNdh18w7rCpCcf2/O2s18xf+uEXWeC2
esBC4SGUERBH9OX1IcGTIEGX8BbsTIbCtEAgdtJYWTPvODKI5tJmqKQKHde0+hJ1
6unu1TCslciCyRFt8ppJVV5SyPU7vpVrFp5710Ou2X1OkRugDYD+MaRB8SJHsVZu
cfUlnzOJD5iYhajp2fkaiIwZk90gHTq1Jo7cbJok9q3BxRONWsoOBllVJtu3XJ/V
urkrqlgT9DUW1ai6iZnAPqfqbRsx+rXrTw3xbVnu38TfeMjdhMcWsCae0R62xc5q
zHmxDRwGthZ9OicDjww0piCcOr1qZRHZot0wzkV9nswsNdA7tMdfYswNdiWa15Ic
4qOJsCRApQk5/pUY2YAre9DCHbM1e7JD7uS5yPcmAR4jW/sXL37RPWdSrYl5b7NB
zPg1faECYYxmaNE9MNarxXU5+RPECQuw/Pp1e8555+HHofQX1B0sahyBQ+mtJF2C
F/h2VKHZJ2K6jnfymOA33tCLik0er+FA41tyFkPtv48CpUJ3aa/p1VAoWLoLlrj2
XGzJUX/UMslDjdi7cXO3g+8OR0tyWl89oAfh/yiumLy2nZChVkNAPRP8WhRHqtS7
CS220AFK84JmDiQap4jSHVdWNX1Ee4sL8RFrogbGGq+HtrSUKYEp2g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0tZviC7XfjCPsANFMEL+
B8oZVXIpuUlPI3IQu3Zm9w4svy+XhLpzvpEZGI+GIUfM2MHsBb9ZBSz/P6wleIGn
dDgqXbj69lvcNSVbNOSDbBdR/C2SHJNZRlf2HNIcQbn75V3QCHSJ3lcgzr/ppHwY
JWXbNcyEkfl23AbGesxHLoxVUHSwYfzNHY041p8pgEGwTROTNNiRS9imJ3gCTWar
KLs+zQWBCeAGuw8tkrUWlWPCiOosS26Ah2vnqcrpAt2mG0LsRBpUbMHkNbWqmHNT
f6aiEQVj8KkRNqshDz9fohKBrjsaNgk8VK6IwGGx3r5jBSV9McnMSmXsYRC3MN7O
nEzPcYe4bxjlpuvqPoL8uXJOpHUwfSG9cHYXgZvvQcFB1BPnxiyqDwonB7+O3kq/
hJwpTNhuzl0Vx14SnAJPajljALz7KMBK5WSkAfpmHwoApAIFZJuOpp1yG32+RDJg
2n+lgA0z3pAZ1mgdzROFRyuz/9a/fetW/HiEnJz7jzj9zazznaJIkUFAVkjX7HBu
XcxwA4SlQAM9FuZcQjpR8atUsYDW/ibiO7EqOQnmt+Q897HJaVxWtjUbZFxMB+1C
EJvh/KcW9dUFa3e746tXuIOye8HxwlEd8WPlpuH1+uAq4vNGDAp0RbpqlaH13c/4
syJHMXUE0q32XsR1xM9R3ZkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 331887210559270147095114327624073790066894599781
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-12 06:07:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-12 06:07:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Die Schweizerische Post AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dh-auth.apis.post.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 860142524659910201469097984189478762009720781230242079228974013869808982298554009975873296635807475058580160604768232552939836183601598188537279183817534157258324330714743137374800674914741539954110712557578784191900102904347798981018323635325601329829302707810081347887610999545733484263322298534647199833491838467319904609386575130664748521494978052871691055656961349857260295379362776481748275594406371628342165733162040346237363832781754745271028174275868012863638458973406789440861165876174925443768545278621894560852869960350282598613760977124370447332736122954666023243330053086331128090276004219698556050876626115555355323152999534654891010474464610533665873524258993979097062187400474348699811307236511509242589020328889106807224875843131705977755165750134550132400774755582818698341869398316740563391836326878661521334382324254881377168527990958354087707150288888094097921050865490999974169590871204677457211046507183923464844997925670180418803070766878997217798302221766029058437090215912022142490267259495203792984830625330513109147382427422897401208482525285089322796424962925671824286510551788103018181126020743939435070774672813945038111988157352557606837725493417289999546578772954959522358170668892637596634466868633
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dh-auth.apis.post.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cf34c4398a754d88ea1dfb04c73df87a2c274b24
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes)
							01e00076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018d9bedafa60000040300473045022100afe481a943c0e7b5d74e45d8bf15ca9b88d337c2bb776c2a570118a42a1a9ef702205534a26fb3224fa2d96c04cf27ea61c6e5897ba81fa4dedf3ce91cf86b6cf149007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d9bedb11f000004030046304402203e29c665366ded7a4c0f3b648d8a02504f3292bbf7200f362da855c97abc2437022017ff7e578e6f0b07076a110f6eb2363d2a03785f2d0a3e1f0007790eabaac6ad007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018d9bedb4010000040300473045022077b81484b605782c8d729b78c44d15b1af93e99ab564cfe19d980dc3922f74a5022100d3738ec8eecd0efe57bef6941da55fec71e01d2c3b013a400d490163f6473d0d0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d9bedb4f70000040300483046022100b15fe20321687c77a2f55587b5ed97b698ef3e02e54aef533336106b90962e27022100dcf4423c06164ecf896d61ca3036c9ef82c347e92312226334a70a4d69c47d88
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00796faa9c456c0e845b2d26042157391a9d335d875f30eeb0a909c7f6fcedacd7cc5ffae11759e0b67ac042e12194111047f4e5f521c193204197f016ec4c86c2b4402076d2585933ef383288e6d266a8a40a1dd7b4fa1275eae9eed530ac95c882c9116df29a49555e52c8f53bbe956b169e7bd743aed97d4e911ba00d80fe31a441f12247b1566e71f5259f33890f989885a8e9d9f91a888c1993dd201d3ab5268edc6c9a24f6adc1c5138d5aca0e06595526dbb75c9fd5bab92baa5813f43516d5a8ba8999c03ea7ea6d1b31fab5eb4f0df16d59eedfc4df78c8dd84c716b0269ed11eb6c5ce6acc79b10d1c06b6167d3a27038f0c34a6209c3abd6a6511d9a2dd30ce457d9ecc2c35d03bb4c75f62cc0d76259ad7921ce2a389b02440a50939fe9518d9802b7bd0c21db3357bb243eee4b9c8f726011e235bfb172f7ed13d6752ad89796fb341ccf8357da102618c6668d13d30d6abc57539f913c4090bb0fcfa757bce79e7e1c7a1f417d41d2c6a1c8143e9ad245d8217f87654a1d92762ba8e77f298e037ded08b8a4d1eafe140e35b721643edbf8f02a5427769afe9d5502858ba0b96b8f65c6cc9517fd432c9438dd8bb7173b783ef0e474b725a5f3da007e1ff28ae98bcb69d90a15643403d13fc5a1447aad4bb092db6d0014af382660e241aa788d21d5756357d447b8b0bf1116ba206c61aaf87b6b494298129da