p22-ssl-client-fi-hcm.kaufland.com
- Kaufland Stiftung & Co. KG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 42:88:46:16:88:ca:c7:27:0a:23:7f:56:b1:2b:f1:21:98:98:80:db was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Kaufland Stiftung & Co. KG
Organization:
Kaufland Stiftung & Co. KG
State / Province:
BW
Locality: Neckarsulm
Country: DE
Locality: Neckarsulm
Country: DE
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 42:88:46:16:88:ca:c7:27:0a:23:7f:56:b1:2b:f1:21:98:98:80:dbSerial Number (int): 379832397749428759509267635963187726250591944923
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 2b:b8:a2:fb:db:bb:43:41:6f:ec:64:b4:11:cd:90:24:e3:74:8b:22
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): e5:fc:df:22:27:a9:e9:95:56:4b:6d:d3:75:0b:f4:73:cb:db:23:fc
Fingerprint (sha256): 02:3f:1e:81:8c:d3:09:43:7e:3a:09:3c:7d:92:10:9f:76:92:79:71:6d:e0:c2:77:4a:1e:f5:fc:3d:b2:5e:ae
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate p22-ssl-client-fi-hcm.kaufland.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for p22-ssl-client-fi-hcm.kaufland.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.p22-ssl-client-fi-hcm.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
Other certificates including the domain name kaufland.com
(limited to 100 certificates)
iqpim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
media.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
ssl2.ipaper.io
mobsot02.kaufland.com
ssl.ipaper.io
pim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
at2-ssl-client-fi-hcm.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
portal.eu.kaufland.com
qs2-ssl-client-fi-hcm.kaufland.com
iapim.kaufland.com
kaufland-blumen.de
asset.kaufland.com
*.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
remote.au.kaufland.com
www-pc.kaufland.com
ssl3.ipaper.io
ssl2.ipaper.io
ssl2.ipaper.io
*.ipaper.io
media-q.kaufland.com
media.kaufland.com
se1-ucexe-p011.uc.schwarz
ssl.ipaper.io
ssl3.ipaper.io
ssl2.ipaper.io
*.ipaper.io
test-hr-portal.kaufland.com
portal.eu.kaufland.com
www-ac.kaufland.com
giftcard-q.kaufland.com
portal.eu.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
www-q.kaufland.com
connect-app.kaufland.com
ssl.ipaper.io
media.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
ssl2.ipaper.io
ssl.ipaper.io
*.leaflets.kaufland.com
media.kaufland.com
iqpim.kaufland.com
assets.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
*.ipaper.io
filex-test.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
jobs.kaufland.com
secmail.kaufland.com
account.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
*.ipaper.io
webassets.kaufland.com
account.kaufland.com
www-ec.kaufland.com
asset.kaufland.com
*.leaflets.kaufland.com
account-qs.kaufland.com
*.kaufland.com
www-fc.kaufland.com
kauf.land
*.ipaper.io
www-p.kaufland.com
kaufland.com
*.ipaper.io
ssl2.ipaper.io
dam.kaufland.com
se1-ucexe-p013.uc.schwarz
remote.cz.kaufland.com
www-q.kaufland.com
www-ac.kaufland.com
*.ipaper.io
mobsot.kaufland.com
*.ipaper.io
ssl.ipaper.io
eu.limo.remote.schwarz
jobs.kaufland.com
doa.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
www-q.kaufland.com
remote.eu.kaufland.com
ssl.ipaper.io
www-qc.kaufland.com
www-pc.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
media.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
ssl2.ipaper.io
mobsot02.kaufland.com
ssl.ipaper.io
pim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
at2-ssl-client-fi-hcm.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
portal.eu.kaufland.com
qs2-ssl-client-fi-hcm.kaufland.com
iapim.kaufland.com
kaufland-blumen.de
asset.kaufland.com
*.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
remote.au.kaufland.com
www-pc.kaufland.com
ssl3.ipaper.io
ssl2.ipaper.io
ssl2.ipaper.io
*.ipaper.io
media-q.kaufland.com
media.kaufland.com
se1-ucexe-p011.uc.schwarz
ssl.ipaper.io
ssl3.ipaper.io
ssl2.ipaper.io
*.ipaper.io
test-hr-portal.kaufland.com
portal.eu.kaufland.com
www-ac.kaufland.com
giftcard-q.kaufland.com
portal.eu.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
www-q.kaufland.com
connect-app.kaufland.com
ssl.ipaper.io
media.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
ssl2.ipaper.io
ssl.ipaper.io
*.leaflets.kaufland.com
media.kaufland.com
iqpim.kaufland.com
assets.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
*.ipaper.io
filex-test.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
jobs.kaufland.com
secmail.kaufland.com
account.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
*.ipaper.io
webassets.kaufland.com
account.kaufland.com
www-ec.kaufland.com
asset.kaufland.com
*.leaflets.kaufland.com
account-qs.kaufland.com
*.kaufland.com
www-fc.kaufland.com
kauf.land
*.ipaper.io
www-p.kaufland.com
kaufland.com
*.ipaper.io
ssl2.ipaper.io
dam.kaufland.com
se1-ucexe-p013.uc.schwarz
remote.cz.kaufland.com
www-q.kaufland.com
www-ac.kaufland.com
*.ipaper.io
mobsot.kaufland.com
*.ipaper.io
ssl.ipaper.io
eu.limo.remote.schwarz
jobs.kaufland.com
doa.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
www-q.kaufland.com
remote.eu.kaufland.com
ssl.ipaper.io
www-qc.kaufland.com
www-pc.kaufland.com
Certificate
The complete raw certificate details for p22-ssl-client-fi-hcm.kaufland.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJGDCCBwCgAwIBAgIUQohGFojKxycKI39WsSvxIZiYgNswDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDIyOTEx MDY0NFoXDTI1MDIyODExMDY0NFowgYExCzAJBgNVBAYTAkRFMQswCQYDVQQIDAJC VzETMBEGA1UEBwwKTmVja2Fyc3VsbTEjMCEGA1UECgwaS2F1ZmxhbmQgU3RpZnR1 bmcgJiBDby4gS0cxKzApBgNVBAMTInAyMi1zc2wtY2xpZW50LWZpLWhjbS5rYXVm bGFuZC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKsRwqrmwV cm5pJ0/ca8dGyheZTu6/fy8/xG0j4ScRU5eJXpLeu3UbwUGIyer1Z3DAZxnq8zXb zMbP0zCgcIwbK+728k5xtugAgYFXLNVmPp49U6NWxZTta9N0UfEwmwPKlaDX0yfK oA7/hBetvE82WZrPYgfhvOt5VJsqC3XkGXcmjxF/wZdQtbead8Ou/lFS3r3oxSoP nbDBcYKhEs6xaJMrZ9DWE/ldA3gbJSxrMB1JN+MsOHrhutdyC34HptumZEZbrXT2 1EtNb4VOn0ZNPwnXiDwk39QkjgJ/LxytKsGui4qNTwEUcsP5LBRLDPqlKiqrG7sV g9HFyLkstVyRAgMBAAGjggS2MIIEsjCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYB BQUHMAKGQGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0wZjJiZjlhNS1kZDM3 LTQ4YzktYTg1Yi0xMmFjZGNiOGJlNDUwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3Nw LnN3aXNzc2lnbi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1m ZDI5YWI3M2VmZWMwbwYDVR0gBGgwZjAIBgZngQwBAgIwCAYGBACPegEHMFAGCGCF dAFZAgECMEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3Np Z24uY29tL1N3aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBo dHRwOi8vY3JsLnN3aXNzc2lnbi5jaC9jZHAtOTZiNjJmNWEtNmI3My00ZGE0LTg3 ZjctY2U0MDAyYzFjZDM0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAO BgNVHQ8BAf8EBAMCBaAwVQYDVR0RBE4wTIImd3d3LnAyMi1zc2wtY2xpZW50LWZp LWhjbS5rYXVmbGFuZC5jb22CInAyMi1zc2wtY2xpZW50LWZpLWhjbS5rYXVmbGFu ZC5jb20wHQYDVR0OBBYEFCu4ovvbu0NBb+xktBHNkCTjdIsiMB8GA1UdIwQYMBaA FHxvCm8TD9mMJG8mNPNca0NttyO2MIICbwYKKwYBBAHWeQIEAgSCAl8EggJbAlkA dgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAY30i5PgAAAEAwBH MEUCIE1YWwLtKWJSVh2btJfpB0L0ol41T+b3fuyaFJgVwph5AiEAl1/mbihZdgV9 RLtR9a1gaOae+FGEIByHkgACAWVpoGQAdgAo4oE4/YMhRemp1qp1N22Dd6iFErPA f3JBSCHcvemMZgAAAY30i5YIAAAEAwBHMEUCIDU007ATwVton71s00xgeP5mYPJ6 gMy++eryWaQMgjAsAiEAjvH84TovZx70XmKWa9rf/bPYqUCrcgCQGCaeglwqPDsA dwDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY30i5K1AAAEAwBI MEYCIQCWa20Z2HjwLGfTiNEh1u1934Ey1EhkbgcHBUb+L9EteQIhAI9n0Bb7HQn5 ikYyFxn85JtAk2LIAz6QuCmP9wAE5vm8AHYAzPsPaoVxCWX+lZtTzumyfCLphVwN l422qX5UwP5MDbAAAAGN9IuTEgAABAMARzBFAiEAqBmU7OaLYaNqx/r40smaldYW 12hqJnqVQ6PFwLcxZb0CIHeRe2GgJOZXKz11EAWfpiJJxiuxtK3MNzIPFzVaJ1xc AHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGN9IuS8QAABAMA RzBFAiEA7aviYnpcpo3EnL9ZT8+6k76EOpYdqJUwliKE9anovoACIDk4bLe2wnAk TqM1KjLoOrjMrnwDiiWHSTVnyGzg3yfEMA0GCSqGSIb3DQEBCwUAA4ICAQBDuZgS 81dq65X03eD2quuQfwwR6bc7q6EV7P2sgwNjolvtd5G0H5A3stx/g1BPXV84W6ot BoE8LaNLH86u7mFyzvqC/jzNfY7TdPjD+PB/xfrk6it9i3oLhHniYOIWXxrg7o4R bqSH+JhSs+D/+hx+S7HokaglI8EjGsIbPQjC5z7pjAVjzA9vnlj7TWEqiMgLrEts 9qFWgTAWPsQEkv4BkaN2nDkl+PsRILOOhD+bjL3V1yvelTfaLU0XNA3wYE6axPZp 7QJRCq187UJIssz/9DNNtsVOQkDVkiNPKTWvH6H9bhLdc1RfeizmQdcQA8Z1d5iM /8cFqxEWiK3KB5RTp+hRA6wdSNoVCnnkzJJuvoTvDA73De+84ca6ZQULEGQCfH7a SGZ1MkbMQQqyWHHq5tIG9k+C8VFu2PaemFmzJTe4dH5/uNSsBV5sKhvqiZvOG4b7 7n/9yzm+AeAbPYB0XMfQEOMUbeCuPMvNFUr1Jb+awpCKmlvw6tDixyJCx5M2lESD OsxWcJmhabTwbrxSVypcqv7PVXv4gyO8kedfTnQTqlbTnjXkXYI7Q0A907ToyFip MceYApen3R0R8h+/AXSfhwOBthFmiBHqpPaMhRUeJEulZ2Vc27S05blYz2SVRyVD a9yl2zl9bhimcXWWKQpLxeMhgMRHkzOzkvJaSg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirEcKq5sFXJuaSdP3GvH RsoXmU7uv38vP8RtI+EnEVOXiV6S3rt1G8FBiMnq9WdwwGcZ6vM128zGz9MwoHCM Gyvu9vJOcbboAIGBVyzVZj6ePVOjVsWU7WvTdFHxMJsDypWg19MnyqAO/4QXrbxP Nlmaz2IH4bzreVSbKgt15Bl3Jo8Rf8GXULW3mnfDrv5RUt696MUqD52wwXGCoRLO sWiTK2fQ1hP5XQN4GyUsazAdSTfjLDh64brXcgt+B6bbpmRGW6109tRLTW+FTp9G TT8J14g8JN/UJI4Cfy8crSrBrouKjU8BFHLD+SwUSwz6pSoqqxu7FYPRxci5LLVc kQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 379832397749428759509267635963187726250591944923 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 11:06:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-28 11:06:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BW' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Neckarsulm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Kaufland Stiftung & Co. KG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'p22-ssl-client-fi-hcm.kaufland.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17508222294332701642461324602104185527725294538203452747254873521787102415812608060985323349366588948039123256005063077486616226550169033348718350418094046978165801261528980061564405977067220555091446720211253942539656544267794738421320536337052116243848161599358647185952495281755691930118790963615060458348885176998629598632946735133530209606423854686820777626531730772484758323951985091005789543768764233314130499918133385324815901239508514959269132487131418216479040737784680487414831714591928430539790803855238331265355576936302007796800593092183055066069750097637222134128127235772586904213635037585036081978513 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (78 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.p22-ssl-client-fi-hcm.kaufland.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p22-ssl-client-fi-hcm.kaufland.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2bb8a2fbdbbb43416fec64b411cd9024e3748b22 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (607 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes) 02590076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018df48b93e0000004030047304502204d585b02ed296252561d9bb497e90742f4a25e354fe6f77eec9a149815c29879022100975fe66e285976057d44bb51f5ad6068e69ef85184201c87920002016569a06400760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018df48b9608000004030047304502203534d3b013c15b689fbd6cd34c6078fe6660f27a80ccbef9eaf259a40c82302c0221008ef1fce13a2f671ef45e62966bdadffdb3d8a940ab72009018269e825c2a3c3b007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018df48b92b50000040300483046022100966b6d19d878f02c67d388d121d6ed7ddf8132d448646e07070546fe2fd12d790221008f67d016fb1d09f98a46321719fce49b409362c8033e90b8298ff70004e6f9bc007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018df48b93120000040300473045022100a81994ece68b61a36ac7faf8d2c99a95d616d7686a267a9543a3c5c0b73165bd022077917b61a024e6572b3d7510059fa62249c62bb1b4adcc37320f17355a275c5c0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018df48b92f10000040300473045022100edabe2627a5ca68dc49cbf594fcfba93be843a961da89530962284f5a9e8be80022039386cb7b6c270244ea3352a32e83ab8ccae7c038a2587493567c86ce0df27c4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0043b99812f3576aeb95f4dde0f6aaeb907f0c11e9b73baba115ecfdac830363a25bed7791b41f9037b2dc7f83504f5d5f385baa2d06813c2da34b1fceaeee6172cefa82fe3ccd7d8ed374f8c3f8f07fc5fae4ea2b7d8b7a0b8479e260e2165f1ae0ee8e116ea487f89852b3e0fffa1c7e4bb1e891a82523c1231ac21b3d08c2e73ee98c0563cc0f6f9e58fb4d612a88c80bac4b6cf6a1568130163ec40492fe0191a3769c3925f8fb1120b38e843f9b8cbdd5d72bde9537da2d4d17340df0604e9ac4f669ed02510aad7ced4248b2ccfff4334db6c54e4240d592234f2935af1fa1fd6e12dd73545f7a2ce641d71003c67577988cffc705ab111688adca079453a7e85103ac1d48da150a79e4cc926ebe84ef0c0ef70defbce1c6ba65050b1064027c7eda4866753246cc410ab25871eae6d206f64f82f1516ed8f69e9859b32537b8747e7fb8d4ac055e6c2a1bea899bce1b86fbee7ffdcb39be01e01b3d80745cc7d010e3146de0ae3ccbcd154af525bf9ac2908a9a5bf0ead0e2c72242c793369444833acc567099a169b4f06ebc52572a5caafecf557bf88323bc91e75f4e7413aa56d39e35e45d823b43403dd3b4e8c858a931c7980297a7dd1d11f21fbf01749f870381b611668811eaa4f68c85151e244ba567655cdbb4b4e5b958cf64954725436bdca5db397d6e18a6717596290a4bc5e32180c4479333b392f25a4a