www.astra.admin.ch
- Bundesamt fuer Informatik und Telekommunikation (BIT) -
Issued by QuoVadis Global SSL ICA G3
About this certificate
This digital certificate with serial number 4d:fa:d5:99:ca:1d:27:ae:ab:3c:08:f1:a5:66:b2:d1:10:67:02:ff was issued on by QuoVadis Limited.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Bundesamt fuer Informatik und Telekommunikation (BIT)
Organization:
Bundesamt fuer Informatik und Telekommunikation (BIT)
State / Province:
Bern
Locality: Bern
Country: CH
Locality: Bern
Country: CH
QuoVadis Limited
Organization:
QuoVadis Limited
Country:
BM
This certificate has expire since
Certificate Details
Serial Number (hex): 4d:fa:d5:99:ca:1d:27:ae:ab:3c:08:f1:a5:66:b2:d1:10:67:02:ffSerial Number (int): 445186082901829339597576499635595733988035461887
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: ce:3c:a2:dc:3b:62:1d:25:0e:07:92:de:c4:11:3e:e1:6a:e3:05:1f
AuthorityKeyId: b3:12:89:b5:a9:4b:35:bc:15:00:f0:80:e9:d8:78:87:f1:13:7c:76
Fingerprint (sha1): 1a:4e:08:25:85:91:52:16:0a:b7:45:d5:6e:6e:cb:d4:56:b4:7b:99
Fingerprint (sha256): 01:1e:ec:67:53:5a:30:9d:e2:a7:aa:86:96:67:48:c9:5d:73:c2:f1:f8:4d:96:f4:9b:5a:72:e8:6b:84:95:46
Issuing Certificate URL: http://trust.quovadisglobal.com/qvsslg3.crt
Revocation information
OCSP Server: http://ocsp.quovadisglobal.comCRL Distribution Point: http://crl.quovadisglobal.com/qvsslg3.crl
Check the revocation status for certificate www.astra.admin.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.astra.admin.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.astra.admin.ch
Other certificates including the domain name admin.ch
(limited to 100 certificates)
www.blw.admin.ch
www.gate.bav.admin.ch
www.jira-a.estv.admin.ch
sts0032.sts.eiam.admin.ch
www.cmsp4-a.admin.ch
appint.naz.admin.ch
www.staatskalender.admin.ch
*.geo.admin.ch
www.code.admin.ch
www.bundespublikationen.admin.ch
www.suissetax-r.estv.admin.ch
help.geo.admin.ch
int.translation.eda.admin.ch
www.portal.bsv.admin.ch
viaduc.sfa-laboratory.ch
www.tacho-en.admin.ch
e-dec-web-a.ezv.admin.ch
ncts-formular.ezv.admin.ch
trifid-lindas.int.cluster.ldbar.ch
ws.inar-r.zas.admin.ch
rp-eda01.eda.admin.ch
apis.sem.admin.ch
ws.seodor.zas.admin.ch
www.sust.admin.ch
www.edb.admin.ch
www.sib.admin.ch
www.apistore.estv.admin.ch
www.xmlns.bfs.admin.ch
www.logixs.eda.admin.ch
www.esti.admin.ch
nd8.li.admin.ch
www.bar.admin.ch
sts003-r.gever.admin.ch
www-tmp-a.ekf.admin.ch
www.cfig.admin.ch
adonis.ezv.admin.ch
www.bag.admin.ch
key-recovery.a-pki.admin.ch
Int.ex4.lmsvbs.admin.ch
toolchain-selfservice.bit.admin.ch
s001047a.adr.admin.ch
ws.dds.bakom.admin.ch
rio-a.ssl.admin.ch
www.portal-a.eiam.admin.ch
www.ekff.admin.ch
www.cms-a1.admin.ch
ws.lsvastammdaten-r.admin.ch
ekkj.admin.ch
www.astra.admin.ch
www.sonderbewilligungen.admin.ch
intranet.sibad.vbs.admin.ch
storme-r.bafu.admin.ch
intranet.gate-r.bar.admin.ch
idp-base.gate-r.eiam.admin.ch
tokenunseal.a-pki.admin.ch
www.e-cites-a2.admin.ch
www.regress.admin.ch
intranet.vbs.admin.ch
www.oscitv-gw-a.admin.ch
epo.ejpd.admin.ch
test2.gate-a.bit.admin.ch
www.etv.blv.admin.ch
www.bestellung-k.admin.ch
www.pxweb-admin-a.bfs.admin.ch
www.widget.e-portal.admin.ch
www.ausbildung.eur-med.bazg.admin.ch
ebd.abn.ezv.admin.ch
www.cmsp8-a.admin.ch
www.b2cshop-i.admin.ch
idp-egov-federal.gate-d.eiam.admin.ch
flrt.bazl.admin.ch
ca-sbpp.seco.admin.ch
www.b2cshop.admin.ch
www.coff-ekff.admin.ch
sanadress.vbs.admin.ch
www.medregom-r.admin.ch
transfer-pr.wbf.admin.ch
cmc.a-pki.admin.ch
www.g2020-info.admin.ch
www.eofcom-r.admin.ch
ekkj.admin.ch
www.astra.admin.ch
ww2.elic-en.admin.ch
ws.quattrop-r.admin.ch
www.bbl.admin.ch
wwwt.interruptio-ges.bfs.admin.ch
www-tmp.roemerholz.admin.ch
www.aramis.admin.ch
survey.efk.admin.ch
uat-publish-internet-vbs.vbs.admin.ch
www.infoafam-a.zas.admin.ch
www.sust.admin.ch
www.plugins.aramis-a.admin.ch
www.pxweb-a.bfs.admin.ch
www.openegov.admin.ch
www.cms-t2.admin.ch
www.psyreg-k.admin.ch
www.cfej.admin.ch
www.cfig.admin.ch
pin-reset.a-pki.admin.ch
www.gate.bav.admin.ch
www.jira-a.estv.admin.ch
sts0032.sts.eiam.admin.ch
www.cmsp4-a.admin.ch
appint.naz.admin.ch
www.staatskalender.admin.ch
*.geo.admin.ch
www.code.admin.ch
www.bundespublikationen.admin.ch
www.suissetax-r.estv.admin.ch
help.geo.admin.ch
int.translation.eda.admin.ch
www.portal.bsv.admin.ch
viaduc.sfa-laboratory.ch
www.tacho-en.admin.ch
e-dec-web-a.ezv.admin.ch
ncts-formular.ezv.admin.ch
trifid-lindas.int.cluster.ldbar.ch
ws.inar-r.zas.admin.ch
rp-eda01.eda.admin.ch
apis.sem.admin.ch
ws.seodor.zas.admin.ch
www.sust.admin.ch
www.edb.admin.ch
www.sib.admin.ch
www.apistore.estv.admin.ch
www.xmlns.bfs.admin.ch
www.logixs.eda.admin.ch
www.esti.admin.ch
nd8.li.admin.ch
www.bar.admin.ch
sts003-r.gever.admin.ch
www-tmp-a.ekf.admin.ch
www.cfig.admin.ch
adonis.ezv.admin.ch
www.bag.admin.ch
key-recovery.a-pki.admin.ch
Int.ex4.lmsvbs.admin.ch
toolchain-selfservice.bit.admin.ch
s001047a.adr.admin.ch
ws.dds.bakom.admin.ch
rio-a.ssl.admin.ch
www.portal-a.eiam.admin.ch
www.ekff.admin.ch
www.cms-a1.admin.ch
ws.lsvastammdaten-r.admin.ch
ekkj.admin.ch
www.astra.admin.ch
www.sonderbewilligungen.admin.ch
intranet.sibad.vbs.admin.ch
storme-r.bafu.admin.ch
intranet.gate-r.bar.admin.ch
idp-base.gate-r.eiam.admin.ch
tokenunseal.a-pki.admin.ch
www.e-cites-a2.admin.ch
www.regress.admin.ch
intranet.vbs.admin.ch
www.oscitv-gw-a.admin.ch
epo.ejpd.admin.ch
test2.gate-a.bit.admin.ch
www.etv.blv.admin.ch
www.bestellung-k.admin.ch
www.pxweb-admin-a.bfs.admin.ch
www.widget.e-portal.admin.ch
www.ausbildung.eur-med.bazg.admin.ch
ebd.abn.ezv.admin.ch
www.cmsp8-a.admin.ch
www.b2cshop-i.admin.ch
idp-egov-federal.gate-d.eiam.admin.ch
flrt.bazl.admin.ch
ca-sbpp.seco.admin.ch
www.b2cshop.admin.ch
www.coff-ekff.admin.ch
sanadress.vbs.admin.ch
www.medregom-r.admin.ch
transfer-pr.wbf.admin.ch
cmc.a-pki.admin.ch
www.g2020-info.admin.ch
www.eofcom-r.admin.ch
ekkj.admin.ch
www.astra.admin.ch
ww2.elic-en.admin.ch
ws.quattrop-r.admin.ch
www.bbl.admin.ch
wwwt.interruptio-ges.bfs.admin.ch
www-tmp.roemerholz.admin.ch
www.aramis.admin.ch
survey.efk.admin.ch
uat-publish-internet-vbs.vbs.admin.ch
www.infoafam-a.zas.admin.ch
www.sust.admin.ch
www.plugins.aramis-a.admin.ch
www.pxweb-a.bfs.admin.ch
www.openegov.admin.ch
www.cms-t2.admin.ch
www.psyreg-k.admin.ch
www.cfej.admin.ch
www.cfig.admin.ch
pin-reset.a-pki.admin.ch
Certificate
The complete raw certificate details for www.astra.admin.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIDjCCBfagAwIBAgIUTfrVmcodJ66rPAjxpWay0RBnAv8wDQYJKoZIhvcNAQEL BQAwTTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxIzAh BgNVBAMTGlF1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBIEczMB4XDTIzMDExNTE5Mjgx NFoXDTI0MDExNTE5MjMwMFowgYgxCzAJBgNVBAYTAkNIMQ0wCwYDVQQIDARCZXJu MQ0wCwYDVQQHDARCZXJuMT4wPAYDVQQKDDVCdW5kZXNhbXQgZnVlciBJbmZvcm1h dGlrIHVuZCBUZWxla29tbXVuaWthdGlvbiAoQklUKTEbMBkGA1UEAwwSd3d3LmFz dHJhLmFkbWluLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfT/ jP/k/2yLxCgO2zL3+dZ+u0uMbVp7QK3rfR2I7Omka35hxqNEO+b2Ku+E9KJxVcP/ eXFatQqQ42iQ3Z6/ciVDl6orzRDoZ543EqcUBra5AzvZSEgVhJqEdBLb2DDc6VLz jfdFxdIdY1n3N8UVZXMeGmtG/svts83axi1g4M2qiDzXnwqTfidv1xaRiC8t64tb iBb3bqD8GKV2vqOlWCCR6rAwixuYVwJ7UktSnxlT3zWI8JVohNiF1kIBmEIsu6Gt KepQqvvytNoHPRrE2tBCSc9x42e5CZf2CWj/5Dn3uq0x9K0dm5/M3UiaRkeM6MDT YNh8kwvQLEcKopJjOwIDAQABo4IDqDCCA6QwCQYDVR0TBAIwADAfBgNVHSMEGDAW gBSzEom1qUs1vBUA8IDp2HiH8RN8djBzBggrBgEFBQcBAQRnMGUwNwYIKwYBBQUH MAKGK2h0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXZzc2xnMy5jcnQw KgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTAdBgNV HREEFjAUghJ3d3cuYXN0cmEuYWRtaW4uY2gwWwYDVR0gBFQwUjBGBgwrBgEEAb5Y AAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5j b20vcmVwb3NpdG9yeTAIBgZngQwBAgIwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG AQUFBwMBMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwucXVvdmFkaXNnbG9i YWwuY29tL3F2c3NsZzMuY3JsMB0GA1UdDgQWBBTOPKLcO2IdJQ4Hkt7EET7hauMF HzAOBgNVHQ8BAf8EBAMCBaAwggH5BgorBgEEAdZ5AgQCBIIB6QSCAeUB4wB3AHb/ iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABhbbwhsQAAAQDAEgwRgIh ALsvvKiKdW6qtijTRd0z6OMG8EW6YkiazUiXz58CvR1WAiEA2QdTU8ljdMi/QV9K s1+us9x/brWw6FxhUqpfDHg9JDgAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQAN LXJv4frUFwAAAYW28IfCAAAEAwBHMEUCIDdImxUjZKLWlrclp324O0h+ViL9MMK8 xQ4d8B2/dZydAiEA+gsw+Se+GejSfs8DwXKsW3q5QdoFivTzP0Nj+4IIHeYAdwDu zdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYW28Ib9AAAEAwBIMEYC IQCLa4ON65QDWkyqcZHRg3xq057kyN9FHiGzVcJfg0RilQIhAIqBAsbUeDswOQjH haUYSTaiGNr0AUy9neXoCK/9T55/AHcAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgX L6OqHQcT0wwAAAGFtvCH8gAABAMASDBGAiEA0W+r+g95j3fLd2+0/zxWdh6KwPUS WQtp0j/pagMy4r8CIQDyKoRPzMt0vyVug5QToJrc0NgHYyn3RCQvHwHHC733tDAN BgkqhkiG9w0BAQsFAAOCAgEAD74o7Dh7HxlxB2fEfMyevSSA+IDfjcKS1nUR0ReI PbYJuIfI33+kx34G1HD3NfhyfSgJDWKoH+Fy58d9gbQWl4zASyCqdXZ6xwTaRZQe Ja4FzmKqwYnWfwL4SRSRFl21FDlLAKx0b1ANRVLsQj4wESx1Z2axvRNFwCIpY2se RiGGYTuOnEnoQHNxLVxeHsEh8DY5idkx9l6xOyCvHVAMTax7PmhiYvesgSeC9Ei9 +UHmimydUjcu98lHMj6tyUo5H+3qltcYGisp+n4nTNxNQZYWuIUaS5oW7S+vjUUb ANXHfLlyrw4AwrzVdhkKXLlJ99oIJv6Q/qMioSik7TFXEbVWv/BQw5SNMt5Sstdo 4XOLzXvVd6Udlm3aSPX5P0wvEajhcoMMQ4IGGPWTrj5AbMR9jk5wMaMyPh4iccon JgW3XRfzEKyjJc17/JMfD7LJcTbh3ObShtEpsZHrcEp+ZHh0afOJTo6SCzeKzO9d 9fZoDoczWkUugWEPkLd2elfmy36zyXtpBEaPblrjv8T2srclPeFOSjw61WHtpLmV dHR9amKrz7lTYOCnItJm5Nv24pJWk8NTfaa8mc9cOXWqWZ68S0+CEzWwRZZYQa80 GFjTNAPLUTl5GJPOGoX7FEVeNytDyBOsZI4V/LWokEyDSdwv6d3zr7ZMLB5+qdyU bNM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfT/jP/k/2yLxCgO2zL3 +dZ+u0uMbVp7QK3rfR2I7Omka35hxqNEO+b2Ku+E9KJxVcP/eXFatQqQ42iQ3Z6/ ciVDl6orzRDoZ543EqcUBra5AzvZSEgVhJqEdBLb2DDc6VLzjfdFxdIdY1n3N8UV ZXMeGmtG/svts83axi1g4M2qiDzXnwqTfidv1xaRiC8t64tbiBb3bqD8GKV2vqOl WCCR6rAwixuYVwJ7UktSnxlT3zWI8JVohNiF1kIBmEIsu6GtKepQqvvytNoHPRrE 2tBCSc9x42e5CZf2CWj/5Dn3uq0x9K0dm5/M3UiaRkeM6MDTYNh8kwvQLEcKopJj OwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 445186082901829339597576499635595733988035461887 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BM' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'QuoVadis Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'QuoVadis Global SSL ICA G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-15 19:28:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-15 19:23:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bundesamt fuer Informatik und Telekommunikation (BIT)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.astra.admin.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20950133456891348430752735113135106676243415103496097365211078802564221369389599416108453707699871628143630010146067980112832849223753811522832262618931273572355944995395027327804618525018107846547376751890114190043162203587555976557671129886589101719754804635820263714841075822093160035703403207704650249488938048639671357473271012338984472446191714417365669917705525291773628346972484455360193779098261705619862177239774308843638939386300306370194098513481401465574386319791021819371487548563565316948543243572200456619238569675537293845585765513030056230039016233482583843429000723302397448777600460842734858691387 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b31289b5a94b35bc1500f080e9d87887f1137c76 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://trust.quovadisglobal.com/qvsslg3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.quovadisglobal.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.astra.admin.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.8024.0.2.100.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.quovadisglobal.com/repository' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.quovadisglobal.com/qvsslg3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ce3ca2dc3b621d250e0792dec4113ee16ae3051f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (489 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) 01e300770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000185b6f086c40000040300483046022100bb2fbca88a756eaab628d345dd33e8e306f045ba62489acd4897cf9f02bd1d56022100d9075353c96374c8bf415f4ab35faeb3dc7f6eb5b0e85c6152aa5f0c783d24380076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad41700000185b6f087c20000040300473045022037489b152364a2d696b725a77db83b487e5622fd30c2bcc50e1df01dbf759c9d022100fa0b30f927be19e8d27ecf03c172ac5b7ab941da058af4f33f4363fb82081de6007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000185b6f086fd00000403004830460221008b6b838deb94035a4caa7191d1837c6ad39ee4c8df451e21b355c25f834462950221008a8102c6d4783b303908c785a5184936a218daf4014cbd9de5e808affd4f9e7f0077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000185b6f087f20000040300483046022100d16fabfa0f798f77cb776fb4ff3c56761e8ac0f512590b69d23fe96a0332e2bf022100f22a844fcccb74bf256e839413a09adcd0d8076329f744242f1f01c70bbdf7b4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000fbe28ec387b1f19710767c47ccc9ebd2480f880df8dc292d67511d117883db609b887c8df7fa4c77e06d470f735f8727d28090d62a81fe172e7c77d81b416978cc04b20aa75767ac704da45941e25ae05ce62aac189d67f02f8491491165db514394b00ac746f500d4552ec423e30112c756766b1bd1345c02229636b1e462186613b8e9c49e84073712d5c5e1ec121f0363989d931f65eb13b20af1d500c4dac7b3e686262f7ac812782f448bdf941e68a6c9d52372ef7c947323eadc94a391fedea96d7181a2b29fa7e274cdc4d419616b8851a4b9a16ed2faf8d451b00d5c77cb972af0e00c2bcd576190a5cb949f7da0826fe90fea322a128a4ed315711b556bff050c3948d32de52b2d768e1738bcd7bd577a51d966dda48f5f93f4c2f11a8e172830c43820618f593ae3e406cc47d8e4e7031a3323e1e2271ca272605b75d17f310aca325cd7bfc931f0fb2c97136e1dce6d286d129b191eb704a7e64787469f3894e8e920b378accef5df5f6680e87335a452e81610f90b7767a57e6cb7eb3c97b6904468f6e5ae3bfc4f6b2b7253de14e4a3c3ad561eda4b99574747d6a62abcfb95360e0a722d266e4dbf6e2925693c3537da6bc99cf5c3975aa599ebc4b4f821335b045965841af341858d33403cb5139791893ce1a85fb14455e372b43c813ac648e15fcb5a8904c8349dc2fe9ddf3afb64c2c1e7ea9dc946cd3