apaint-swc2-t01.sbb.ch

- Schweizerische Bundesbahnen SBB -

Issued by SwissSign RSA TLS OV ICA 2021 - 1

About this certificate

This digital certificate with serial number 24:e1:89:d1:c3:35:10:59:e9:a1:31:4a:da:30:6d:3c:d5:0a:2e:e4 was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Schweizerische Bundesbahnen SBB

Organization: Schweizerische Bundesbahnen SBB
State / Province: Bern
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 24:e1:89:d1:c3:35:10:59:e9:a1:31:4a:da:30:6d:3c:d5:0a:2e:e4
Serial Number (int): 210553341180989933262894107930475568018091552484
Serial Number lenght: 158 bits, 20 octets

SubjectKeyId: e2:25:bc:cd:7e:2c:b8:d9:5d:76:16:6e:06:61:7c:c8:7c:44:7a:38
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d

Fingerprint (sha1): 82:51:48:00:7d:a2:1e:23:f3:26:01:47:f2:f0:46:5a:67:49:20:87
Fingerprint (sha256): 02:92:3a:a5:c7:fc:56:74:6e:2a:3d:01:08:d0:9f:45:9e:52:04:b9:00:73:4c:24:a7:7d:54:82:b0:8d:3e:91

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D

Revocation information

OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate apaint-swc2-t01.sbb.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for apaint-swc2-t01.sbb.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

apaint-swc2-t01.sbb.ch
www.apaint-swc2-t01.sbb.ch

Other certificates including the domain name sbb.ch

(limited to 100 certificates)
i88507.sbb.ch
tel.sbb.ch
esq.sbb.ch
etcsst.sbb.ch
webservice.zvs.b2b.sbb.ch
rpn.sbb.ch
edgemail.sbb.ch
besichtigunghaegendorf.event.sbb.ch
hrstrategieanlass2022.event.sbb.ch
bim-industry-days.event.sbb.ch
origin.int-www.sbb.ch
ausbau-bahnhof-lenzburg.event.sbb.ch
ipv.sbb.ch
auth.sbb.ch
f2test.sbb.ch
qt1-ssl-client.sbb.ch
fs.sbb.ch
viewer.mud.sbb.ch
mobileprod.sbb.ch
austausch-buspartner.event.sbb.ch
polarion-coordinator-t.sbb.ch
secure05.stage.lithium.com
186e-d5751.event.sbb.ch
gtech-modelviewer.sbb.ch
clicks.freizeit.sbb.ch
previewserver.sbb.ch
austausch-buspartner.event.sbb.ch
oauthtester-ws.sbb.ch
smo.test.single.sbb.ch
kundenstimme.sbb.ch
fntcmd-prod.sbb.ch
hi1-ssl-client.sbb.ch
aditest3.sbb.ch
carbon.sbb.ch
dcs.info.sbb.ch
gewinnen.sbb.ch
elazt.sbb.ch
railbuyer.sbb.ch
tip.sbb.ch
bpoelscom501.sbb.ch
lea.sbb.ch
ftp-secure.sbb.ch
koserv.sbb.ch
apu-p-paq.sbb.ch
vmits04-t.cdc-dmz.sbb.ch
lira.sbb.ch
test1.event.sbb.ch
secure01.lithium.com
ictsca.sbb.ch
miku-ws.sbb.ch
events.sbb.ch
secure05.stage.lithium.com
biv-zvl-25042022.event.sbb.ch
int-infoportal.sbb.ch
secure01.lithium.com
kmsp.sbb.ch
f5int.sbb.ch
dim.sbb.ch
dms-int16.sbb.ch
apaint-swc2-t01.sbb.ch
api.solace01t.otc-test.sbb.ch
186e-d5751.event.sbb.ch
rsdpext.sbb.ch
polarion-coordinator.sbb.ch
carflt-otc2-p01.sbb.ch
besichtigungbahntechnikhaegendorf.event.sbb.ch
journey-maps-tiles.geocdn.sbb.ch
pv.mailing.railaway.ch
data.sbb.ch
sapdms-test.sbb.ch
railbuyer.sbb.ch
*.fpl-nonprod.aws.sbb.ch
4765-ec38.event.sbb.ch
fntcmd-prod.sbb.ch
sbbstimme.sbb.ch
nova-koserv-ws.sbb.ch
lscmeeting.event.sbb.ch
sso-inactive.sbb.ch
orbita.sbb.ch
microtrategy-day.event.sbb.ch
rgs-appl-prod-de.sbb.ch
lvsschiene.sbb.ch
mediacenter.sbb.ch
code-t.sbb.ch
klesy.sbb.ch
depotsystem.sbb.ch
company.sbb.ch
risportal.sbb.ch
secure01.lithium.com
f1.sbb.ch
vmits06.cdc-dmz.sbb.ch
trace-d.sbb.ch
f1test.sbb.ch
secretescapes.sbb.ch
trace-t.sbb.ch
company.sbb.ch
lisaint.sbb.ch
tip2.sbb.ch
*.app.sbb.ch
festtagskarte.sbb.ch

Certificate

The complete raw certificate details for apaint-swc2-t01.sbb.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIyDCCBrCgAwIBAgIUJOGJ0cM1EFnpoTFK2jBtPNUKLuQwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDcxMzEz
MzkzN1oXDTIzMDcxMzEzMzkzN1owdjELMAkGA1UEBhMCQ0gxDTALBgNVBAgTBEJl
cm4xDTALBgNVBAcTBEJlcm4xKDAmBgNVBAoTH1NjaHdlaXplcmlzY2hlIEJ1bmRl
c2JhaG5lbiBTQkIxHzAdBgNVBAMTFmFwYWludC1zd2MyLXQwMS5zYmIuY2gwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRci14eoAe+XPhoy61m/JMUYzl
De4zee4G5hNV6ugLRHP9n0Ymp+K9q8GCyw4/3CiXTr9w207uFpnBIj4VMAeoDZb4
ze+gEbpVMh/GTYc3C+JYXJnOa3e7F+DVXTMN1UfwXS3LwNr8zx3KmVtmwIZmqlBH
n21EyFZ0XdeJRt0HxRvUG7MD9KD3qfUYLVrzpyhgu64nCoFlYgPVm6b69HBQm5TI
g5YDZm/zQjRBzjhqQAI42+zll+FG379k84PKrJYd09MhKXnwXuttIxtJgglmgNr6
vs5zaSTitCqFds7f9jARJXXZ0TVijs4OCk5GtK7+HVXh5yIqVMC59rt/xeARAgMB
AAGjggRyMIIEbjA9BgNVHREENjA0ghZhcGFpbnQtc3djMi10MDEuc2JiLmNoghp3
d3cuYXBhaW50LXN3YzItdDAxLnNiYi5jaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTiJbzNfiy42V12Fm4G
YXzIfER6ODAfBgNVHSMEGDAWgBSs0DrCwldVkWkRzHBqWTiKjKycPTCB/wYDVR0f
BIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvQUNEMDNBQzJD
MjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDCBqKCBpaCBooaBn2xkYXA6
Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9DTj1BQ0QwM0FDMkMyNTc1NTkxNjkx
MUNDNzA2QTU5Mzg4QThDQUM5QzNEJTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRp
ZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmli
dXRpb25Qb2ludDBvBgNVHSAEaDBmMFAGCGCFdAFZAgECMEQwQgYIKwYBBQUHAgEW
Nmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbl9DUFNf
VExTLnBkZjAIBgYEAI96AQcwCAYGZ4EMAQICMIHGBggrBgEFBQcBAQSBuTCBtjBk
BggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3Jp
dHkvZG93bmxvYWQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FD
OUMzRDBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dpc3NzaWduLm5ldC9BQ0Qw
M0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNEMIIBgAYKKwYBBAHW
eQIEAgSCAXAEggFsAWoAdwBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZ
EwAAAYH3yV5dAAAEAwBIMEYCIQCOyxYEPvwQuS7ScHjEsTYT086967f6C0vJpFQM
bjEKWwIhAJmOJ3FinGwG7s5liv83jHi0isknhcO8P1R29iQmawrMAHYAejKMVNi3
LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGB98leygAABAMARzBFAiEAt5mT
RtXO1HL3JjSWrDJr84gICn0APFwf+1IxC3MfqlkCIAIIaGweEWTFKkG7AiSbkB2m
AfaNmPodZ53PM21UzGkOAHcArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvc
gooAAAGB98leVwAABAMASDBGAiEA3hsTOaNksFUO3totVcY8LlK6Ts5dEyi2vZf+
nA2yqB0CIQDEr8H6MEADgsFd3j2pDzOD3J+8ENa66kRI42/5ClGruzANBgkqhkiG
9w0BAQsFAAOCAgEADK1kbRUYfWTkHFAFDMD6Azd6al7G/vOrm09wut+dGKpn2WNq
wJinC42OwFQQGP926SKpLxENPAU6w1TJ+xvJLmeJtngbWDv24SBSnxwyUUXEWGu+
PLwWBWoRTq42XnjViBjtVPoms6mICP7P+J3a7XFLgzKYyWK2Q9DmqXGtMRnzHQnl
AYfqfkETCdXU7jBPWTLMpH5F25+HQef5k71TQqHh8sZgm8kJJf26n5eb+fykGsYS
+jxKVSyd/AVnaqyFKVtAGrkjsHa+sxzHfW908i2qKAMxLahRLOJzH1amkFjteqf0
+XSM6XugMOTTJz9h9NXZdnZ5HGkoZ0u4bm3ibXFAK4FmRkMNde0LYKHpO64rMFrm
lOXwroL16ycvqepiOU12Oeve9w+1JlzwLWwRF5I/xf07KHRHxeEgaTjHKEl1UG9b
tPYdb6adVvR2bYo3rGZoMF+FH0QVwGLv97LMZilu/4+k74QWG4F3Zk7O1K94Kaw/
X0puVX70QMT3z8bsPEVPLkFnZhEoiyy5N/Jz9yPT4FrBvLI8C3aHckiZtvMbl9p1
yJAEv+BNbOAcTs0p5IiauFCQS7UvjmoltH8sH4K28Lf0YDS3WzaZbv4KwwmXxyQ+
ov+CHgG22sB5CO4XgYd0wyGCG21G221jhLmAcbWQhDkov8/YQbcQKk5kp+g=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XIteHqAHvlz4aMutZvy
TFGM5Q3uM3nuBuYTVeroC0Rz/Z9GJqfivavBgssOP9wol06/cNtO7haZwSI+FTAH
qA2W+M3voBG6VTIfxk2HNwviWFyZzmt3uxfg1V0zDdVH8F0ty8Da/M8dyplbZsCG
ZqpQR59tRMhWdF3XiUbdB8Ub1BuzA/Sg96n1GC1a86coYLuuJwqBZWID1Zum+vRw
UJuUyIOWA2Zv80I0Qc44akACONvs5ZfhRt+/ZPODyqyWHdPTISl58F7rbSMbSYIJ
ZoDa+r7Oc2kk4rQqhXbO3/YwESV12dE1Yo7ODgpORrSu/h1V4eciKlTAufa7f8Xg
EQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 210553341180989933262894107930475568018091552484
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-13 13:39:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-13 13:39:37 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Schweizerische Bundesbahnen SBB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'apaint-swc2-t01.sbb.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26440108820578739540868820855712981952596733109245369160676337695083703916215120951565688119177973267620610048702491694442999146867807915024253877167889190222743263362211068364333599624075312761598271712612035977899868854659795077376401853428936184131479457463606412786035621169638164830160710685630314533280410630000273988615961192719827900014982099052514491605948245606768202061594353952783449636951750621707750972830471948338186167601430727931353007810033988790934007869159006343237801835107663857703422194348422234207394717261673382568224316161928919001676489490911996250130132941236139874792954290811781756870673
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apaint-swc2-t01.sbb.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.apaint-swc2-t01.sbb.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e225bccd7e2cb8d95d76166e06617cc87c447a38
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000181f7c95e5d00000403004830460221008ecb16043efc10b92ed27078c4b13613d3cebdebb7fa0b4bc9a4540c6e310a5b022100998e2771629c6c06eece658aff378c78b48ac92785c3bc3f5476f624266b0acc0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000181f7c95eca0000040300473045022100b7999346d5ced472f7263496ac326bf388080a7d003c5c1ffb52310b731faa5902200208686c1e1164c52a41bb02249b901da601f68d98fa1d679dcf336d54cc690e007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000181f7c95e570000040300483046022100de1b1339a364b0550ededa2d55c63c2e52ba4ece5d1328b6bd97fe9c0db2a81d022100c4afc1fa30400382c15dde3da90f3383dc9fbc10d6baea4448e36ff90a51abbb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		000cad646d15187d64e41c50050cc0fa03377a6a5ec6fef3ab9b4f70badf9d18aa67d9636ac098a70b8d8ec0541018ff76e922a92f110d3c053ac354c9fb1bc92e6789b6781b583bf6e120529f1c325145c4586bbe3cbc16056a114eae365e78d58818ed54fa26b3a98808fecff89ddaed714b833298c962b643d0e6a971ad3119f31d09e50187ea7e411309d5d4ee304f5932cca47e45db9f8741e7f993bd5342a1e1f2c6609bc90925fdba9f979bf9fca41ac612fa3c4a552c9dfc05676aac85295b401ab923b076beb31cc77d6f74f22daa2803312da8512ce2731f56a69058ed7aa7f4f9748ce97ba030e4d3273f61f4d5d97676791c6928674bb86e6de26d71402b816646430d75ed0b60a1e93bae2b305ae694e5f0ae82f5eb272fa9ea62394d7639ebdef70fb5265cf02d6c1117923fc5fd3b287447c5e1206938c7284975506f5bb4f61d6fa69d56f4766d8a37ac6668305f851f4415c062eff7b2cc66296eff8fa4ef84161b8177664eced4af7829ac3f5f4a6e557ef440c4f7cfc6ec3c454f2e41676611288b2cb937f273f723d3e05ac1bcb23c0b7687724899b6f31b97da75c89004bfe04d6ce01c4ecd29e4889ab850904bb52f8e6a25b47f2c1f82b6f0b7f46034b75b36996efe0ac30997c7243ea2ff821e01b6dac07908ee17818774c321821b6d46db6d6384b98071b590843928bfcfd841b7102a4e64a7e8