vmits04-t.cdc-dmz.sbb.ch

- Schweizerische Bundesbahnen SBB -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 73:bd:89:82:58:cc:bb:c6:91:2a:13:f2:24:57:14:4a:f3:4e:f3:b9 was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Schweizerische Bundesbahnen SBB

Organization: Schweizerische Bundesbahnen SBB
State / Province: BE
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 73:bd:89:82:58:cc:bb:c6:91:2a:13:f2:24:57:14:4a:f3:4e:f3:b9
Serial Number (int): 660760758225179284667264592251905154150680163257
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 97:47:39:47:c6:8a:d3:85:60:66:b8:86:67:0f:7a:50:93:60:99:6b
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 3c:47:45:1d:50:c5:5f:1a:9f:3d:b8:c5:c4:eb:a5:66:7a:49:29:16
Fingerprint (sha256): 01:e6:74:94:ba:a9:0f:08:39:cb:8c:1d:03:bb:e4:e5:8b:92:2e:04:bb:be:75:b8:20:bf:8a:8e:e2:04:d7:00

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate vmits04-t.cdc-dmz.sbb.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vmits04-t.cdc-dmz.sbb.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vmits04-t.cdc-dmz.sbb.ch

Other certificates including the domain name sbb.ch

(limited to 100 certificates)
i88507.sbb.ch
tel.sbb.ch
esq.sbb.ch
etcsst.sbb.ch
webservice.zvs.b2b.sbb.ch
rpn.sbb.ch
edgemail.sbb.ch
besichtigunghaegendorf.event.sbb.ch
hrstrategieanlass2022.event.sbb.ch
bim-industry-days.event.sbb.ch
origin.int-www.sbb.ch
ausbau-bahnhof-lenzburg.event.sbb.ch
ipv.sbb.ch
auth.sbb.ch
f2test.sbb.ch
qt1-ssl-client.sbb.ch
fs.sbb.ch
viewer.mud.sbb.ch
mobileprod.sbb.ch
austausch-buspartner.event.sbb.ch
polarion-coordinator-t.sbb.ch
secure05.stage.lithium.com
186e-d5751.event.sbb.ch
gtech-modelviewer.sbb.ch
clicks.freizeit.sbb.ch
previewserver.sbb.ch
austausch-buspartner.event.sbb.ch
oauthtester-ws.sbb.ch
smo.test.single.sbb.ch
kundenstimme.sbb.ch
fntcmd-prod.sbb.ch
hi1-ssl-client.sbb.ch
aditest3.sbb.ch
carbon.sbb.ch
dcs.info.sbb.ch
gewinnen.sbb.ch
elazt.sbb.ch
railbuyer.sbb.ch
tip.sbb.ch
bpoelscom501.sbb.ch
lea.sbb.ch
ftp-secure.sbb.ch
koserv.sbb.ch
apu-p-paq.sbb.ch
vmits04-t.cdc-dmz.sbb.ch
lira.sbb.ch
test1.event.sbb.ch
secure01.lithium.com
ictsca.sbb.ch
miku-ws.sbb.ch
events.sbb.ch
secure05.stage.lithium.com
biv-zvl-25042022.event.sbb.ch
int-infoportal.sbb.ch
secure01.lithium.com
kmsp.sbb.ch
f5int.sbb.ch
dim.sbb.ch
dms-int16.sbb.ch
apaint-swc2-t01.sbb.ch
api.solace01t.otc-test.sbb.ch
186e-d5751.event.sbb.ch
rsdpext.sbb.ch
polarion-coordinator.sbb.ch
carflt-otc2-p01.sbb.ch
besichtigungbahntechnikhaegendorf.event.sbb.ch
journey-maps-tiles.geocdn.sbb.ch
pv.mailing.railaway.ch
data.sbb.ch
sapdms-test.sbb.ch
railbuyer.sbb.ch
*.fpl-nonprod.aws.sbb.ch
4765-ec38.event.sbb.ch
fntcmd-prod.sbb.ch
sbbstimme.sbb.ch
nova-koserv-ws.sbb.ch
lscmeeting.event.sbb.ch
sso-inactive.sbb.ch
orbita.sbb.ch
microtrategy-day.event.sbb.ch
rgs-appl-prod-de.sbb.ch
lvsschiene.sbb.ch
mediacenter.sbb.ch
code-t.sbb.ch
klesy.sbb.ch
depotsystem.sbb.ch
company.sbb.ch
risportal.sbb.ch
secure01.lithium.com
f1.sbb.ch
vmits06.cdc-dmz.sbb.ch
trace-d.sbb.ch
f1test.sbb.ch
secretescapes.sbb.ch
trace-t.sbb.ch
company.sbb.ch
lisaint.sbb.ch
tip2.sbb.ch
*.app.sbb.ch
festtagskarte.sbb.ch

Certificate

The complete raw certificate details for vmits04-t.cdc-dmz.sbb.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII2jCCBsKgAwIBAgIUc72JgljMu8aRKhPyJFcUSvNO87kwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDMxMTA2
NTc1OFoXDTI1MDMxMTA2NTc1OFowdjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF
MQ0wCwYDVQQHDARCZXJuMSgwJgYDVQQKDB9TY2h3ZWl6ZXJpc2NoZSBCdW5kZXNi
YWhuZW4gU0JCMSEwHwYDVQQDExh2bWl0czA0LXQuY2RjLWRtei5zYmIuY2gwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF25u3JDDZ901CZaZBgIGh//r4
xxcBJ8d7wVBxQ4Ozjj4t8ljDyGJWwwGX5/QfFpILge4RIXevESDsDpRwvwYdqjN/
4cq8291NWexHaC/2sEzP/GtbdaAslAnIESnSlRgyy9iCMVy0OQ58M5H5XEntFVHk
ePJinFTXigG2bH7AQIHXHnEtQHqQV+FIRhl+Jq8xnsLq76P0w5GtXwFcYKgQPaMx
isn0gy0Zo4Y1+7PANDEXYTaHoS5p1iFfXLH7gWcWIqlZ7dQSNkv9GkuQUcjgwhRY
UFFI1NVPP8Jt2rMY+Lgq2m6mywf0weXIwxq0FOUvjUiURigOle8Ae/Gc0xo3AgMB
AAGjggSEMIIEgDCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKGQGh0dHA6
Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0wZjJiZjlhNS1kZDM3LTQ4YzktYTg1Yi0x
MmFjZGNiOGJlNDUwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNzc2lnbi5j
aC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3M2VmZWMw
bwYDVR0gBGgwZjAIBgZngQwBAgIwCAYGBACPegEHMFAGCGCFdAFZAgECMEQwQgYI
KwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNz
U2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3JsLnN3
aXNzc2lnbi5jaC9jZHAtOTZiNjJmNWEtNmI3My00ZGE0LTg3ZjctY2U0MDAyYzFj
ZDM0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMC
BaAwIwYDVR0RBBwwGoIYdm1pdHMwNC10LmNkYy1kbXouc2JiLmNoMB0GA1UdDgQW
BBSXRzlHxorThWBmuIZnD3pQk2CZazAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTz
XGtDbbcjtjCCAm8GCisGAQQB1nkCBAIEggJfBIICWwJZAHYAVYHUwhaQNgFK6gub
VzxT8MDkOHhwJQgXL6OqHQcT0wwAAAGOLE3ILAAABAMARzBFAiBYCQk+DhbsHTOZ
/Tbl6QT1JNB6ByBBzONfE2N38VPXLgIhAL9pgFnl861Y2YUeuYid70hade5RDGW0
HHk736fCxfp8AHYAKOKBOP2DIUXpqdaqdTdtg3eohRKzwH9yQUgh3L3pjGYAAAGO
LE3LLwAABAMARzBFAiEA656s9+b+Ho3/d0ckT4Mb3dAgqzcpHMnMJJatLW472cwC
IE7F+gjM66tnlSXftkpihAbV/8fhoP8vfiDieRPL2tQeAHYAzxFW7tUufK/zh1vZ
aS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOLE3GqQAABAMARzBFAiAwLm1OfDjRHVbC
Ua+ycQ73aJWtzVWql05mPaz1th2eSgIhAK/I8MynfwkygTv6vFx03pGGdOYUyGbu
s5mq4dtFvD0cAHcAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGO
LE3ItgAABAMASDBGAiEAjkkRbJym3jOluzlaaMLdMmrvLnUaNQR+WmY87cnO414C
IQDVnjdj7+OXTjhw7exl1tId8R/C5N2daFf0fLP40BNvCgB2AE51oydcmhDDOFts
1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjixNxtcAAAQDAEcwRQIhANUS6vPTmjlE
eUt97UaznRGMOgANUJA4FFk2UjBBdwHdAiAxxVKBkyso2dz3x6vbl6Q+emZVVlSu
nAV3MhRwca76bjANBgkqhkiG9w0BAQsFAAOCAgEAhSwAKZO/MG2rrPCFAO3gIgXm
7RbkLrYj5XF+deII1cMcxwjgPPGrVxiMLo5l5FuH9v/ls+avLHr8oVhO5Xgsvu/d
fgwmmVNK86Kk/zkGex8OZm2NPfKioIX8cqX0JO/sfng/tXxUvJq6cC2LOr6lnp6L
VOq9lXYZZBY4gOqhEqjCWtX5vEzFgtQ1S4R/wjZ7f3LsrUffCsB4zMYBPSu+0XpT
sAb9lQwVRwLXOZmGsn69lGsR/OF3Me9HH9dHN/BBjCtg3gs/VYO6GApB+8TcGv5Q
d4jC15wXA917kXFH/lvmVdY3P2Sgco6ItuSBOf+jiurmTVO5eCxI+SecD2jrGmXQ
8A7jow76QOH5SgdR73I0WKiLNSmuHjezCEv+QawoKQqauSLLc3C1F0hxTf6fKwQb
wV9lLCNmz1TUuTA36GCowHWzvhILTAZrKT8/IrMld9sR5hws0BeiwczE1jHx9lGN
TH+giToEUFTLdF14mlGV2c2hWuy8YPXNvLYHJMuYlCUY5QnfSz4JDIxlIsCPI77a
3TAK4ml69nd+WADRrXlmoiSriJ3UrW1X2oIJxfk4yEcFNBIm1HwotlqfmXnX46ID
risgN1NWVbfEsc5Z99ik4RhUZkb4iOTHbmaBbJNAhMw7uP0RFZGCZXSSvpkieWDg
NnMDOABZkOSxVdqOILM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdubtyQw2fdNQmWmQYCB
of/6+McXASfHe8FQcUODs44+LfJYw8hiVsMBl+f0HxaSC4HuESF3rxEg7A6UcL8G
Haozf+HKvNvdTVnsR2gv9rBMz/xrW3WgLJQJyBEp0pUYMsvYgjFctDkOfDOR+VxJ
7RVR5HjyYpxU14oBtmx+wECB1x5xLUB6kFfhSEYZfiavMZ7C6u+j9MORrV8BXGCo
ED2jMYrJ9IMtGaOGNfuzwDQxF2E2h6EuadYhX1yx+4FnFiKpWe3UEjZL/RpLkFHI
4MIUWFBRSNTVTz/CbdqzGPi4KtpupssH9MHlyMMatBTlL41IlEYoDpXvAHvxnNMa
NwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 660760758225179284667264592251905154150680163257
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-11 06:57:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-11 06:57:58 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Schweizerische Bundesbahnen SBB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vmits04-t.cdc-dmz.sbb.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24977238949060352091181500345549096618682212152092219439462794948136029589700347647248146481083315456166835955929482426502990840305256059408412613804326185483595562835603165128996216789659229289084724756987817859184208604511007947430615766211763121520050115198998835784622028583199475655185886771698056667904746308867871314135900189827335233506389315601054205042674142361914456198982497761089455804549197662329680705378495879836924777475792046975167201522141222949182284690262606132172437353092144153753549792403273838597299533668943212367994934466704440680047843217978715584872370510967903249619729287042959213271607
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vmits04-t.cdc-dmz.sbb.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							97473947c68ad3856066b886670f7a509360996b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (607 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes)
							02590076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018e2c4dc82c000004030047304502205809093e0e16ec1d3399fd36e5e904f524d07a072041cce35f136377f153d72e022100bf698059e5f3ad58d9851eb9889def485a75ee510c65b41c793bdfa7c2c5fa7c00760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018e2c4dcb2f0000040300473045022100eb9eacf7e6fe1e8dff7747244f831bddd020ab37291cc9cc2496ad2d6e3bd9cc02204ec5fa08ccebab679525dfb64a628406d5ffc7e1a0ff2f7e20e27913cbdad41e007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e2c4dc6a900000403004730450220302e6d4e7c38d11d56c251afb2710ef76895adcd55aa974e663dacf5b61d9e4a022100afc8f0cca77f0932813bfabc5c74de918674e614c866eeb399aae1db45bc3d1c007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018e2c4dc8b600000403004830460221008e49116c9ca6de33a5bb395a68c2dd326aef2e751a35047e5a663cedc9cee35e022100d59e3763efe3974e3870edec65d6d21df11fc2e4dd9d6857f47cb3f8d0136f0a0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e2c4dc6d70000040300473045022100d512eaf3d39a3944794b7ded46b39d118c3a000d5090381459365230417701dd022031c55281932b28d9dcf7c7abdb97a43e7a66555654ae9c057732147071aefa6e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00852c002993bf306dabacf08500ede02205e6ed16e42eb623e5717e75e208d5c31cc708e03cf1ab57188c2e8e65e45b87f6ffe5b3e6af2c7afca1584ee5782cbeefdd7e0c2699534af3a2a4ff39067b1f0e666d8d3df2a2a085fc72a5f424efec7e783fb57c54bc9aba702d8b3abea59e9e8b54eabd95761964163880eaa112a8c25ad5f9bc4cc582d4354b847fc2367b7f72ecad47df0ac078ccc6013d2bbed17a53b006fd950c154702d7399986b27ebd946b11fce17731ef471fd74737f0418c2b60de0b3f5583ba180a41fbc4dc1afe507788c2d79c1703dd7b917147fe5be655d6373f64a0728e88b6e48139ffa38aeae64d53b9782c48f9279c0f68eb1a65d0f00ee3a30efa40e1f94a0751ef723458a88b3529ae1e37b3084bfe41ac28290a9ab922cb7370b51748714dfe9f2b041bc15f652c2366cf54d4b93037e860a8c075b3be120b4c066b293f3f22b32577db11e61c2cd017a2c1ccc4d631f1f6518d4c7fa0893a045054cb745d789a5195d9cda15aecbc60f5cdbcb60724cb98942518e509df4b3e090c8c6522c08f23bedadd300ae2697af6777e5800d1ad7966a224ab889dd4ad6d57da8209c5f938c84705341226d47c28b65a9f9979d7e3a203ae2b2037535655b7c4b1ce59f7d8a4e118546646f888e4c76e66816c934084cc3bb8fd11159182657492be99227960e036730338005990e4b155da8e20b3