hi1-ssl-client.sbb.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 31:25:d6:3d:84:83:94:3d:5c:a4:66:1c:35:e5:10:c5:54:ed:3b:50 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=hi1-ssl-client.sbb.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 31:25:d6:3d:84:83:94:3d:5c:a4:66:1c:35:e5:10:c5:54:ed:3b:50Serial Number (int): 280584338305268841603977098768275156778208803664
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: ba:58:3c:16:ed:0e:cc:7b:7c:93:35:52:85:92:4f:ac:f8:ef:85:72
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 80:fb:c1:7a:dc:8f:33:f3:1b:cd:ba:64:6d:3e:37:3c:80:57:24:3e
Fingerprint (sha256): 01:3b:56:09:99:88:7d:73:21:a8:c1:2e:e5:bd:1c:8e:2a:c9:f6:a2:1e:68:c3:75:a0:dc:20:f6:02:7f:d8:86
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate hi1-ssl-client.sbb.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hi1-ssl-client.sbb.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hi1-ssl-client.sbb.ch
Other certificates including the domain name sbb.ch
(limited to 100 certificates)
i88507.sbb.ch
tel.sbb.ch
esq.sbb.ch
etcsst.sbb.ch
oraaux-otc2-t04.sbb.ch
webservice.zvs.b2b.sbb.ch
rpn.sbb.ch
edgemail.sbb.ch
besichtigunghaegendorf.event.sbb.ch
hrstrategieanlass2022.event.sbb.ch
bim-industry-days.event.sbb.ch
origin.int-www.sbb.ch
ausbau-bahnhof-lenzburg.event.sbb.ch
ipv.sbb.ch
auth.sbb.ch
f2test.sbb.ch
qt1-ssl-client.sbb.ch
fs.sbb.ch
viewer.mud.sbb.ch
mobileprod.sbb.ch
austausch-buspartner.event.sbb.ch
polarion-coordinator-t.sbb.ch
secure05.stage.lithium.com
186e-d5751.event.sbb.ch
gtech-modelviewer.sbb.ch
clicks.freizeit.sbb.ch
previewserver.sbb.ch
austausch-buspartner.event.sbb.ch
oauthtester-ws.sbb.ch
smo.test.single.sbb.ch
kundenstimme.sbb.ch
fntcmd-prod.sbb.ch
hi1-ssl-client.sbb.ch
aditest3.sbb.ch
carbon.sbb.ch
dcs.info.sbb.ch
gewinnen.sbb.ch
elazt.sbb.ch
railbuyer.sbb.ch
tip.sbb.ch
bpoelscom501.sbb.ch
lea.sbb.ch
ftp-secure.sbb.ch
koserv.sbb.ch
apu-p-paq.sbb.ch
vmits04-t.cdc-dmz.sbb.ch
lira.sbb.ch
test1.event.sbb.ch
secure01.lithium.com
ictsca.sbb.ch
miku-ws.sbb.ch
events.sbb.ch
secure05.stage.lithium.com
biv-zvl-25042022.event.sbb.ch
int-infoportal.sbb.ch
secure01.lithium.com
kmsp.sbb.ch
f5int.sbb.ch
dim.sbb.ch
dms-int16.sbb.ch
apaint-swc2-t01.sbb.ch
api.solace01t.otc-test.sbb.ch
186e-d5751.event.sbb.ch
rsdpext.sbb.ch
polarion-coordinator.sbb.ch
carflt-otc2-p01.sbb.ch
besichtigungbahntechnikhaegendorf.event.sbb.ch
journey-maps-tiles.geocdn.sbb.ch
pv.mailing.railaway.ch
data.sbb.ch
sapdms-test.sbb.ch
railbuyer.sbb.ch
*.fpl-nonprod.aws.sbb.ch
4765-ec38.event.sbb.ch
fntcmd-prod.sbb.ch
sbbstimme.sbb.ch
nova-koserv-ws.sbb.ch
lscmeeting.event.sbb.ch
sso-inactive.sbb.ch
orbita.sbb.ch
microtrategy-day.event.sbb.ch
rgs-appl-prod-de.sbb.ch
lvsschiene.sbb.ch
dms.sbb.ch
mediacenter.sbb.ch
code-t.sbb.ch
klesy.sbb.ch
depotsystem.sbb.ch
company.sbb.ch
risportal.sbb.ch
secure01.lithium.com
f1.sbb.ch
vmits06.cdc-dmz.sbb.ch
trace-d.sbb.ch
f1test.sbb.ch
secretescapes.sbb.ch
trace-t.sbb.ch
company.sbb.ch
lisaint.sbb.ch
tip2.sbb.ch
tel.sbb.ch
esq.sbb.ch
etcsst.sbb.ch
oraaux-otc2-t04.sbb.ch
webservice.zvs.b2b.sbb.ch
rpn.sbb.ch
edgemail.sbb.ch
besichtigunghaegendorf.event.sbb.ch
hrstrategieanlass2022.event.sbb.ch
bim-industry-days.event.sbb.ch
origin.int-www.sbb.ch
ausbau-bahnhof-lenzburg.event.sbb.ch
ipv.sbb.ch
auth.sbb.ch
f2test.sbb.ch
qt1-ssl-client.sbb.ch
fs.sbb.ch
viewer.mud.sbb.ch
mobileprod.sbb.ch
austausch-buspartner.event.sbb.ch
polarion-coordinator-t.sbb.ch
secure05.stage.lithium.com
186e-d5751.event.sbb.ch
gtech-modelviewer.sbb.ch
clicks.freizeit.sbb.ch
previewserver.sbb.ch
austausch-buspartner.event.sbb.ch
oauthtester-ws.sbb.ch
smo.test.single.sbb.ch
kundenstimme.sbb.ch
fntcmd-prod.sbb.ch
hi1-ssl-client.sbb.ch
aditest3.sbb.ch
carbon.sbb.ch
dcs.info.sbb.ch
gewinnen.sbb.ch
elazt.sbb.ch
railbuyer.sbb.ch
tip.sbb.ch
bpoelscom501.sbb.ch
lea.sbb.ch
ftp-secure.sbb.ch
koserv.sbb.ch
apu-p-paq.sbb.ch
vmits04-t.cdc-dmz.sbb.ch
lira.sbb.ch
test1.event.sbb.ch
secure01.lithium.com
ictsca.sbb.ch
miku-ws.sbb.ch
events.sbb.ch
secure05.stage.lithium.com
biv-zvl-25042022.event.sbb.ch
int-infoportal.sbb.ch
secure01.lithium.com
kmsp.sbb.ch
f5int.sbb.ch
dim.sbb.ch
dms-int16.sbb.ch
apaint-swc2-t01.sbb.ch
api.solace01t.otc-test.sbb.ch
186e-d5751.event.sbb.ch
rsdpext.sbb.ch
polarion-coordinator.sbb.ch
carflt-otc2-p01.sbb.ch
besichtigungbahntechnikhaegendorf.event.sbb.ch
journey-maps-tiles.geocdn.sbb.ch
pv.mailing.railaway.ch
data.sbb.ch
sapdms-test.sbb.ch
railbuyer.sbb.ch
*.fpl-nonprod.aws.sbb.ch
4765-ec38.event.sbb.ch
fntcmd-prod.sbb.ch
sbbstimme.sbb.ch
nova-koserv-ws.sbb.ch
lscmeeting.event.sbb.ch
sso-inactive.sbb.ch
orbita.sbb.ch
microtrategy-day.event.sbb.ch
rgs-appl-prod-de.sbb.ch
lvsschiene.sbb.ch
dms.sbb.ch
mediacenter.sbb.ch
code-t.sbb.ch
klesy.sbb.ch
depotsystem.sbb.ch
company.sbb.ch
risportal.sbb.ch
secure01.lithium.com
f1.sbb.ch
vmits06.cdc-dmz.sbb.ch
trace-d.sbb.ch
f1test.sbb.ch
secretescapes.sbb.ch
trace-t.sbb.ch
company.sbb.ch
lisaint.sbb.ch
tip2.sbb.ch
Certificate
The complete raw certificate details for hi1-ssl-client.sbb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHIzCCBQugAwIBAgIUMSXWPYSDlD1cpGYcNeUQxVTtO1AwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDUwMjA2 NDcyN1oXDTI1MDUwMjA2NDcyN1owIDEeMBwGA1UEAxMVaGkxLXNzbC1jbGllbnQu c2JiLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzglcN/q7BP4j xUDuABcuCqpSx0EeUv6uSTghSmABKs0huX3QGaDWQTw6vS42qy57i06Ci3sAXwou Z2KzOitUExVwd5JyLOyj0ecR2VPqBD2UWanj6PzvPhmqifopDUKj+keEZNNwYT9l Mh/7njKXNdLko7LQk42K2dlV/dXgka41PrtvBVpkRSzEH1WAufiEk6/6AT18FK5z 2XOdAqsODtPp66RXb2ZUBmfGceSqaWOGryqWEnydaEiCcNlNeXdHF4qzumONBWT/ i41+hwPL8Ge0jF5mGD3RDifNDYoCfLeW6/XIT61/Fqc+jVKqAjVBONt/Dto689tE IR2V/otH9IJejMNvnuB0N6xEWtV3IK4O4eN46x72rIvGnTXuUUWj+CR3KcNZg4kp BQrtBGztkJkxYg3NgOMx6FY6Sfx/fd71z8RNT3X0WPl6aaGQaq2uho7yBycYzsi1 hLx9VrnE8ane+BmNIllFxBw9x72fPvkPwTLD3sV+AkJ3kasFEDeoFdKk0/f9O87L UwHsD3cCyw03m2SC0pr9/d0wiHjAM99nhpWW1VfNgR6lB4MrawUcohcLL2OZy1T+ 8DaIUlMkv3ChDMLPQxMlZcd2Uz0gM1MiaAMaCbvRdGeDgFg9Y8X9SA1GBLIETnl5 tWPm22EnPQAQW9AxPlUghVNm4WzzelcCAwEAAaOCAiMwggIfMIGyBggrBgEFBQcB AQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWly LTFiODYzMzg1LWY0YTktNDdmYS04OGE1LTJhNWFiZmQ0YTE2NzBSBggrBgEFBQcw AYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2 ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECATAI BgYEAI96AQYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBv c2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1Ud HwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dpc3NzaWduLmNoL2NkcC02Nzk3MjNi Mi04NjQxLTQ2NDItODUwMC1mNmQyZmYzN2U2YmEwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAgBgNVHREEGTAXghVoaTEtc3Ns LWNsaWVudC5zYmIuY2gwHQYDVR0OBBYEFLpYPBbtDsx7fJM1UoWST6z474VyMB8G A1UdIwQYMBaAFOu9f0mTjMnu7KK69xzSZ/CDsereMBMGCisGAQQB1nkCBAMBAf8E AgUAMA0GCSqGSIb3DQEBCwUAA4ICAQChkndxxeANRY2m/8pkxYmSVAfL2u8535/h LAMvFz13cKHoIENFoMZxeq3Q5TXapzxauRcXxHHTATv5QfempvWUMscoqNJHOVHS iOFHVdmnE0Inv6SrquDOuNuMSA9YzpYTnA7bNgdWjzVp5qktlpcyIUhwyPFD8LrE 3Pfi4XFzIbsfMWharEWMGjrIGY5GU58vb+wBvIxJHkaEUwzYu/Vf32aLf5g7LbbD P1refy7uceiktgUydfFpGtkSyHYSHetEEUrcnhMT0woB+fDZZrR/QKFbRj8Oz/Yw vQFWk/yhM4MEmKX7x2yF+UZMzH/sCmtMCO640WpOexzOxv56CT9Eu22g2Qm2z13T QNHzEihBwCw9yLEf2Z/2BsIAKjn8BqAGs0l+i2UWAcg1xsycU7YX0nlF3kKat0Qb IAeCP3/FxODlzPwvQAZcFvflrfCbhRPNaIq11BvAeB1fczK15b/EYMJvwl5cXSf8 0jEQkObfc4c/OUPLFUp24SVrUJJNLI6tiG1b83EtX3xm3aEMllmiUHpJpvheTo63 4klzmGbKixB/uOpteyUL5gl1Ezw7ADRgiHGmUG0fWUFjMBpkSPCFkIVqM0WiLQjI CK/CZOK/zfu2zcGbpddIjwKxv+0uqsI/3XEyy1b7eYZmDW6uaWNNspo36vPefgLT vpwMnc1FXA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzglcN/q7BP4jxUDuABcu CqpSx0EeUv6uSTghSmABKs0huX3QGaDWQTw6vS42qy57i06Ci3sAXwouZ2KzOitU ExVwd5JyLOyj0ecR2VPqBD2UWanj6PzvPhmqifopDUKj+keEZNNwYT9lMh/7njKX NdLko7LQk42K2dlV/dXgka41PrtvBVpkRSzEH1WAufiEk6/6AT18FK5z2XOdAqsO DtPp66RXb2ZUBmfGceSqaWOGryqWEnydaEiCcNlNeXdHF4qzumONBWT/i41+hwPL 8Ge0jF5mGD3RDifNDYoCfLeW6/XIT61/Fqc+jVKqAjVBONt/Dto689tEIR2V/otH 9IJejMNvnuB0N6xEWtV3IK4O4eN46x72rIvGnTXuUUWj+CR3KcNZg4kpBQrtBGzt kJkxYg3NgOMx6FY6Sfx/fd71z8RNT3X0WPl6aaGQaq2uho7yBycYzsi1hLx9VrnE 8ane+BmNIllFxBw9x72fPvkPwTLD3sV+AkJ3kasFEDeoFdKk0/f9O87LUwHsD3cC yw03m2SC0pr9/d0wiHjAM99nhpWW1VfNgR6lB4MrawUcohcLL2OZy1T+8DaIUlMk v3ChDMLPQxMlZcd2Uz0gM1MiaAMaCbvRdGeDgFg9Y8X9SA1GBLIETnl5tWPm22En PQAQW9AxPlUghVNm4WzzelcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 280584338305268841603977098768275156778208803664 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-02 06:47:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-02 06:47:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hi1-ssl-client.sbb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 840555843650590528286763681291016756777480491174423496125505478851107644790726436350346026595696586885699824041847508823545666833429785658129869485086821107422305484787503420797988053081688154253675897791815448415480460303577076264831593534084529753305148277496356819566059597646959816183460058933773473195779543932559052051022231593760960277577661484638637154392835232489381401688136962257492855004070880263658200843595868927160275546574308271927296198678158366024666333678950779186191032890501408091458587325961948260150526717854736003237384467863340390952321766365820340305860351456312660747864662098430328221557873503107935008995144633819774483770313613866175525671981277276186851187128063435765575170556936377288021596409676552652514935472445135809344061626374285025240229624283559422771738920819462861468007852139632614445114657189071499101871590432304228661748081329862187306252000762566528839602169712943789975469600786013297054386712658674517948910699366964889481640710612392283203066117555693184833985290229524707800610248655282098731442137067328531851310389173742421500836717745045973919548477982865882545586365801477373582580198068583007368136424622391070195642440388500826448922061646655288856277043533304147819422251607 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hi1-ssl-client.sbb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ba583c16ed0ecc7b7c93355285924facf8ef8572 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00a1927771c5e00d458da6ffca64c589925407cbdaef39df9fe12c032f173d7770a1e8204345a0c6717aadd0e535daa73c5ab91717c471d3013bf941f7a6a6f59432c728a8d2473951d288e14755d9a7134227bfa4abaae0ceb8db8c480f58ce96139c0edb3607568f3569e6a92d969732214870c8f143f0bac4dcf7e2e1717321bb1f31685aac458c1a3ac8198e46539f2f6fec01bc8c491e4684530cd8bbf55fdf668b7f983b2db6c33f5ade7f2eee71e8a4b6053275f1691ad912c876121deb44114adc9e1313d30a01f9f0d966b47f40a15b463f0ecff630bd015693fca133830498a5fbc76c85f9464ccc7fec0a6b4c08eeb8d16a4e7b1ccec6fe7a093f44bb6da0d909b6cf5dd340d1f3122841c02c3dc8b11fd99ff606c2002a39fc06a006b3497e8b651601c835c6cc9c53b617d27945de429ab7441b2007823f7fc5c4e0e5ccfc2f40065c16f7e5adf09b8513cd688ab5d41bc0781d5f7332b5e5bfc460c26fc25e5c5d27fcd2311090e6df73873f3943cb154a76e1256b50924d2c8ead886d5bf3712d5f7c66dda10c9659a2507a49a6f85e4e8eb7e249739866ca8b107fb8ea6d7b250be60975133c3b0034608871a6506d1f594163301a6448f08590856a3345a22d08c808afc264e2bfcdfbb6cdc19ba5d7488f02b1bfed2eaac23fdd7132cb56fb7986660d6eae69634db29a37eaf3de7e02d3be9c0c9dcd455c