crypto-stamp.post.ch
- Die Schweizerische Post AG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 4d:d9:7d:b6:aa:85:f7:24:a3:b7:7a:3e:4f:36:45:cb:49:9e:85:2f was issued on by SwissSign AG.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Die Schweizerische Post AG
Organization:
Die Schweizerische Post AG
State / Province:
BE
Locality: Bern
Country: CH
Locality: Bern
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 4d:d9:7d:b6:aa:85:f7:24:a3:b7:7a:3e:4f:36:45:cb:49:9e:85:2fSerial Number (int): 444442502255313385652971158025563782540332795183
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 31:4b:9c:c3:d3:75:61:7d:8e:f4:39:a0:06:60:1d:1b:4b:c9:7a:a9
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 8a:3f:6b:60:32:38:ea:33:ea:2d:83:db:fc:48:b2:7d:e6:88:ab:2f
Fingerprint (sha256): 01:e1:69:6f:62:41:e7:c1:f6:02:e2:c5:3f:2f:56:de:fb:44:c3:84:a8:73:cc:6b:1a:a2:89:29:41:57:14:a6
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate crypto-stamp.post.ch
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for crypto-stamp.post.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
crypto-stamp.post.ch
crypto-stamp1.post.ch
crypto-stamp2.post.ch
crypto-stamp1.post.ch
crypto-stamp2.post.ch
Other certificates including the domain name post.ch
(limited to 100 certificates)
fakeext.post.ch
zwab-int.post.ch
moodle.pa.post.ch
mova.post.ch
webfocus.post.ch
digitaler-posteingang.post.ch
securepost.post.ch
filialemitpartner.post.ch
moodle.pa.post.ch
e-collaboration-int.post.ch
jobs-int.post.ch
m-extranet.post.ch
xray.tools.post.ch
directpoint.post.ch
places.post.ch
new.post.ch
mapservice.post.ch
wohnen-franklinplatz.post.ch
wwwsc.post.ch
gandalf.apis.post.ch
billingonline-dev.post.ch
dh-auth.apis.post.ch
cinfoni-germany.innovation.post.ch
loginint.post.ch
file-intpa-cms.post.ch
agentur-int.post.ch
gitit.post.ch
zubofi.apis-dev.post.ch
ef-testix.post.ch
transport-service.post.ch
directpoint.post.ch
ci-euw1.ireland.delivery.aimatch.net
accountint2.post.ch
address.apis-test.post.ch
docucenterint.post.ch
ci-euw1.ireland.delivery.aimatch.net
msmgateway-int.post.ch
uaasapp3rsa.post.ch
epostoffice3.post.ch
static.post.ch
location-poste-martigny.post.ch
uaasapp3rsadev2.post.ch
crypto-stamp.post.ch
gabi.apis-test.post.ch
nemoauth-test.post.ch
sorryrpz-int.post.ch
webservices-cashlog-int.post.ch
accountint1.post.ch
static.post.ch
cbt.externint.post.ch
wohnen-zollikofen.post.ch
directdayint.post.ch
apis.post.ch
gw.incamail-dev.post.ch
mx3.post.ch
salt-aboint.post.ch
ci-euw1.ireland.delivery.aimatch.net
postweb.post.ch
orgtool-int.post.ch
die-post-kann-mehrint.post.ch
erpcorp.apis-int.post.ch
schreibenint.post.ch
nemoint.post.ch
postzone.extern.post.ch
news-intern.post.ch
cockpitint2.post.ch
apitest.post.ch
mp24hub.apis.post.ch
servicetest.post.ch
mobilecodeservice.apis.post.ch
vsc.apis.post.ch
stb-test.innovation.post.ch
pccweb.apitest.post.ch
webtransferint.post.ch
agentur-int.post.ch
www.post.ch
laborsendungen.post.ch
facetoface.post.ch
ci-euw1.ireland.delivery.aimatch.net
ci-euw1.ireland.delivery.aimatch.net
digitaler-posteingangint.post.ch
e-mobilityint.post.ch
fdsbc.post.ch
tresorit.post.ch
gw.incamail-dev.post.ch
gewinnende-worte.post.ch
accountint2.post.ch
rasns01.post.ch
ident.apis-dev.post.ch
test.post.ch
e-commerce.post.ch
salt-aboint.post.ch
96749.post.ch
juravote-int.post.ch
sventest.post.ch
sventest.post.ch
patient.sanela.dh.post.ch
e-mobilityint.post.ch
sapmsint.post.ch
gollum.apis-dev.post.ch
zwab-int.post.ch
moodle.pa.post.ch
mova.post.ch
webfocus.post.ch
digitaler-posteingang.post.ch
securepost.post.ch
filialemitpartner.post.ch
moodle.pa.post.ch
e-collaboration-int.post.ch
jobs-int.post.ch
m-extranet.post.ch
xray.tools.post.ch
directpoint.post.ch
places.post.ch
new.post.ch
mapservice.post.ch
wohnen-franklinplatz.post.ch
wwwsc.post.ch
gandalf.apis.post.ch
billingonline-dev.post.ch
dh-auth.apis.post.ch
cinfoni-germany.innovation.post.ch
loginint.post.ch
file-intpa-cms.post.ch
agentur-int.post.ch
gitit.post.ch
zubofi.apis-dev.post.ch
ef-testix.post.ch
transport-service.post.ch
directpoint.post.ch
ci-euw1.ireland.delivery.aimatch.net
accountint2.post.ch
address.apis-test.post.ch
docucenterint.post.ch
ci-euw1.ireland.delivery.aimatch.net
msmgateway-int.post.ch
uaasapp3rsa.post.ch
epostoffice3.post.ch
static.post.ch
location-poste-martigny.post.ch
uaasapp3rsadev2.post.ch
crypto-stamp.post.ch
gabi.apis-test.post.ch
nemoauth-test.post.ch
sorryrpz-int.post.ch
webservices-cashlog-int.post.ch
accountint1.post.ch
static.post.ch
cbt.externint.post.ch
wohnen-zollikofen.post.ch
directdayint.post.ch
apis.post.ch
gw.incamail-dev.post.ch
mx3.post.ch
salt-aboint.post.ch
ci-euw1.ireland.delivery.aimatch.net
postweb.post.ch
orgtool-int.post.ch
die-post-kann-mehrint.post.ch
erpcorp.apis-int.post.ch
schreibenint.post.ch
nemoint.post.ch
postzone.extern.post.ch
news-intern.post.ch
cockpitint2.post.ch
apitest.post.ch
mp24hub.apis.post.ch
servicetest.post.ch
mobilecodeservice.apis.post.ch
vsc.apis.post.ch
stb-test.innovation.post.ch
pccweb.apitest.post.ch
webtransferint.post.ch
agentur-int.post.ch
www.post.ch
laborsendungen.post.ch
facetoface.post.ch
ci-euw1.ireland.delivery.aimatch.net
ci-euw1.ireland.delivery.aimatch.net
digitaler-posteingangint.post.ch
e-mobilityint.post.ch
fdsbc.post.ch
tresorit.post.ch
gw.incamail-dev.post.ch
gewinnende-worte.post.ch
accountint2.post.ch
rasns01.post.ch
ident.apis-dev.post.ch
test.post.ch
e-commerce.post.ch
salt-aboint.post.ch
96749.post.ch
juravote-int.post.ch
sventest.post.ch
sventest.post.ch
patient.sanela.dh.post.ch
e-mobilityint.post.ch
sapmsint.post.ch
gollum.apis-dev.post.ch
Certificate
The complete raw certificate details for crypto-stamp.post.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJ+zCCB+OgAwIBAgIUTdl9tqqF9ySjt3o+TzZFy0mehS8wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTIzMDkxOTEz NDA1NFoXDTI0MDkxOTEzNDA1NFowbTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF MQ0wCwYDVQQHDARCZXJuMSMwIQYDVQQKDBpEaWUgU2Nod2VpemVyaXNjaGUgUG9z dCBBRzEdMBsGA1UEAxMUY3J5cHRvLXN0YW1wLnBvc3QuY2gwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQDGSw4dWx5GFDxbFh/3ZaUeSzkwMRpUbEQj8WMw Fi7NbkDxPkrYaFkuu/fbqMGNo5cgEyYD+2JSh0ZN3zsT2plL5JFQh5syRHNhR5hO u0vEZnf9sRDqZJbURIDrgm+OdMIt5YolmVxKuoLwFQJTcbUC9dt3wadlGyjnWTRg rHhRn5wtBqMN1ZA2GGwU/YEIwa4JRrqWu50e0SKWCr1fgVKVBGk/OKc2q37JCpbp rRFdu/qyjhvJ//kJnXIey3gzbb8jf48iHCRNfkRvpmWvpVcywjw1kV4Hu1aZyb7/ WnUxTZ1PBcWuKY0R6Ub8GZr+uG6VWg9jeqwPvZOkO/RWKoKtXcwqnjhBCXaVd++n fJP4abmXhq9MxuvTm3GJqDJrX6fox/kTu1/smy8ZWvP3oGZU0ii+hfWvfYnQ9a0q 9ygAbE9Ej57pAmoakh6+1uVFYSWRKfwGrxrurlaktBZlvtsa74Hq1DoccFw1MO+3 5cw27n4vZxxr4YpaIRTiLHoKKdp41kfnld2cg8XqdbllorsS6NL2sjcbOBlRNyW/ dMA8RaxITnf2hHuMaqYJM6PgNshFh7wCVqAOzG+xOUWrlRR5xlYOEQ+vbx6W3hlS z25JDXDfqRyShRiymz2zAjcvdMImlB8eSoHrpjnvSPFINRB8Wf0cWlIEYE5HsYip bQcCRQIDAQABo4IErjCCBKowgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAC hkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5YTUtZGQzNy00OGM5 LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lz c3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFi NzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oBBzBQBghghXQBWQIB AjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv bS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDov L2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNl NDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P AQH/BAQDAgWgME0GA1UdEQRGMESCFGNyeXB0by1zdGFtcC5wb3N0LmNoghVjcnlw dG8tc3RhbXAxLnBvc3QuY2iCFWNyeXB0by1zdGFtcDIucG9zdC5jaDAdBgNVHQ4E FgQUMUucw9N1YX2O9DmgBmAdG0vJeqkwHwYDVR0jBBgwFoAUfG8KbxMP2YwkbyY0 81xrQ223I7YwggJvBgorBgEEAdZ5AgQCBIICXwSCAlsCWQB3AFWB1MIWkDYBSuoL m1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABiq2sJ9MAAAQDAEgwRgIhAJcoK9r7w6M/ XSYVaqO0RPzkf8nDlVIeQBS87scs7bgsAiEApUXHDEfKO6RhSX4dRk12evekOjcV UCX0VnQq7eEdk7gAdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAA AYqtrCkMAAAEAwBHMEUCIQCjXlr8oPwditCb3H+jLcaNZ0vJlfw4ocOYXggRDz+d 4AIgaGtloTTweI4ijRenkXwCQRnhToiX93uD3oUHiwGmBqMAdgB2/4g/Crb7lVHC Ycz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYqtrCnhAAAEAwBHMEUCIEvKtzWq/H8s 45YnFwOEt4hbJfCA/lulNofOCj0bCU9BAiEAhN7JBYX+xonefbBjFiVQ4cxiPpBA BnC6VJSndaou110AdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA AYqtrCrIAAAEAwBHMEUCICG/Si23dHUceiOvnerrfLi+8VTvw50Zycrx5qMCpSkQ AiEAknUINHKji75sn5a7BecS+90n3V4EG+9CiO3tx45Cru4AdgCHT7UNwCnZkx3l c+nyiZ6ORTOzktOLCkYldL8P7rL8HgAAAYqtrC6zAAAEAwBHMEUCIFXBHuz18cc8 6a7JYsUayHZEe3bsjihkV3vw+PXzM0rAAiEAlNQAGyb5H111BYpKTtBe8dUo+FEt hhP08ojGelGhU9UwDQYJKoZIhvcNAQELBQADggIBAFGBF9IwztseQddE724TP6PB 7skzKi6bXTgnPnvzyrod7sQAfpQ/8rGChWKhY05uTsCX70VefmxF3fOcx3lRzZsy Yfc85tjljQy+H7Hvc/hVJg/Ehaxs3DU1WN/+58batLMsIUmIf3ExGOTWgIA4JUCw 9lwxiGYIkj9vbUyMIB2Ttg5cbCebawvO95vAVE5AEOAiuSGZLf8J1GO1rteDiFbe fbXZsK30/RHkA7lx8Jy83UFSb7eEbfa72G8fDSQHGzlln04FsCjNXOBoBFJfX94W gIXH03KgpKO1fvR0AZf0ilCvjh8+usM6JIBw5z/oPcGJGc48bDsVW3zdmwlnKmS9 GK6CNqLX2DiiTndDOv2kIaMkSKLBNl8WQI39kLp5iDxkKOTk1Qzst5HdvWFo2QTL zQdXZ8ep0lYfF8oPKE7EiTBG+w/0f+M70mERJEhmz2JDKOreqQrLuUoMqnT8lwOI 1p3kDHSElBx8NPHql9Mstng4CEDYZWyWiM+raKiC45ZrO4Az8QW7dHVzrYFI+mTm JGehqwJ0C7K4uUP6dEr6sNroiCk0I/C0X/YQvbAaVqT9pwIKJnAodXa5r4Qz5Gl+ PYN3KBTmDJcnFiH6KPlWj2nyQyz5b9aOxYfZH/u8qNfw6E02pFnoBoeOH/7DMEt2 +WfPOBS3J0M/ZssZ9a0I -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxksOHVseRhQ8WxYf92Wl Hks5MDEaVGxEI/FjMBYuzW5A8T5K2GhZLrv326jBjaOXIBMmA/tiUodGTd87E9qZ S+SRUIebMkRzYUeYTrtLxGZ3/bEQ6mSW1ESA64JvjnTCLeWKJZlcSrqC8BUCU3G1 AvXbd8GnZRso51k0YKx4UZ+cLQajDdWQNhhsFP2BCMGuCUa6lrudHtEilgq9X4FS lQRpPzinNqt+yQqW6a0RXbv6so4byf/5CZ1yHst4M22/I3+PIhwkTX5Eb6Zlr6VX MsI8NZFeB7tWmcm+/1p1MU2dTwXFrimNEelG/Bma/rhulVoPY3qsD72TpDv0ViqC rV3MKp44QQl2lXfvp3yT+Gm5l4avTMbr05txiagya1+n6Mf5E7tf7JsvGVrz96Bm VNIovoX1r32J0PWtKvcoAGxPRI+e6QJqGpIevtblRWElkSn8Bq8a7q5WpLQWZb7b Gu+B6tQ6HHBcNTDvt+XMNu5+L2cca+GKWiEU4ix6CinaeNZH55XdnIPF6nW5ZaK7 EujS9rI3GzgZUTclv3TAPEWsSE539oR7jGqmCTOj4DbIRYe8AlagDsxvsTlFq5UU ecZWDhEPr28elt4ZUs9uSQ1w36kckoUYsps9swI3L3TCJpQfHkqB66Y570jxSDUQ fFn9HFpSBGBOR7GIqW0HAkUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 444442502255313385652971158025563782540332795183 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-19 13:40:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-19 13:40:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Die Schweizerische Post AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'crypto-stamp.post.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 808965612335390366683936058352429798014856509445258379302930040484442354308790584552447899981965359725340030732655914006255832034378245233079316354067027667895805178317817166593760759139819744230193355056541456619405070606639145595862838594260045080485893816056828156085795624525918099118913553446430874580670749821378597608615864238180888385726476633557717538041776885715269942127372310198297783703996865379405679378306297060549094859644189477622491884423536099478895568578967836696169829371980959151421180600534393192560950680638363203004971490614524888513001201911412302136749285256519736975997279405489871300148154382055221443815888941608505403055824216843620336829183573839431360430695755615990456051450786702177472393734954843098864302416060684416681523992890761595176615673704161316625572647454669110483713418156814262328778335235222110906444055885196450158692120652831574975378925527762392916590462453894702689614617190343044326698620509053481993001130987284868588441210456409182569957917336173848859368094286278194926621329792281282138157608249086543930743588173334919047365001206446582620157178251792786837590330197661135565837429173077818005284926479116441096167674253605194721466772493920364914676530814781532864248218181 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crypto-stamp.post.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crypto-stamp1.post.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crypto-stamp2.post.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 314b9cc3d375617d8ef439a006601d1b4bc97aa9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (607 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes) 02590077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018aadac27d3000004030048304602210097282bdafbc3a33f5d26156aa3b444fce47fc9c395521e4014bceec72cedb82c022100a545c70c47ca3ba461497e1d464d767af7a43a37155025f456742aede11d93b8007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018aadac290c0000040300473045022100a35e5afca0fc1d8ad09bdc7fa32dc68d674bc995fc38a1c3985e08110f3f9de00220686b65a134f0788e228d17a7917c024119e14e8897f77b83de85078b01a606a300760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018aadac29e1000004030047304502204bcab735aafc7f2ce39627170384b7885b25f080fe5ba53687ce0a3d1b094f4102210084dec90585fec689de7db063162550e1cc623e90400670ba5494a775aa2ed75d007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018aadac2ac80000040300473045022021bf4a2db774751c7a23af9deaeb7cb8bef154efc39d19c9caf1e6a302a529100221009275083472a38bbe6c9f96bb05e712fbdd27dd5e041bef4288ededc78e42aeee007600874fb50dc029d9931de573e9f2899e8e4533b392d38b0a462574bf0feeb2fc1e0000018aadac2eb30000040300473045022055c11eecf5f1c73ce9aec962c51ac876447b76ec8e2864577bf0f8f5f3334ac002210094d4001b26f91f5d75058a4a4ed05ef1d528f8512d8613f4f288c67a51a153d5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00518117d230cedb1e41d744ef6e133fa3c1eec9332a2e9b5d38273e7bf3caba1deec4007e943ff2b1828562a1634e6e4ec097ef455e7e6c45ddf39cc77951cd9b3261f73ce6d8e58d0cbe1fb1ef73f855260fc485ac6cdc353558dffee7c6dab4b32c2149887f713118e4d68080382540b0f65c31886608923f6f6d4c8c201d93b60e5c6c279b6b0bcef79bc0544e4010e022b921992dff09d463b5aed7838856de7db5d9b0adf4fd11e403b971f09cbcdd41526fb7846df6bbd86f1f0d24071b39659f4e05b028cd5ce06804525f5fde168085c7d372a0a4a3b57ef4740197f48a50af8e1f3ebac33a248070e73fe83dc18919ce3c6c3b155b7cdd9b09672a64bd18ae8236a2d7d838a24e77433afda421a32448a2c1365f16408dfd90ba79883c6428e4e4d50cecb791ddbd6168d904cbcd075767c7a9d2561f17ca0f284ec4893046fb0ff47fe33bd26111244866cf624328eadea90acbb94a0caa74fc970388d69de40c7484941c7c34f1ea97d32cb678380840d8656c9688cfab68a882e3966b3b8033f105bb747573ad8148fa64e62467a1ab02740bb2b8b943fa744afab0dae888293423f0b45ff610bdb01a56a4fda7020a2670287576b9af8433e4697e3d83772814e60c97271621fa28f9568f69f2432cf96fd68ec587d91ffbbca8d7f0e84d36a459e806878e1ffec3304b76f967cf3814b727433f66cb19f5ad08