sso-inactive.sbb.ch

- Schweizerische Bundesbahnen SBB -

Issued by SwissSign RSA TLS OV ICA 2021 - 1

About this certificate

This digital certificate with serial number 60:9b:f1:99:56:69:72:d8:24:32:1a:8f:50:54:d0:e4:bf:44:6f:67 was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Schweizerische Bundesbahnen SBB

Organization: Schweizerische Bundesbahnen SBB
State / Province: Bern
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 60:9b:f1:99:56:69:72:d8:24:32:1a:8f:50:54:d0:e4:bf:44:6f:67
Serial Number (int): 551540775743833662163175468268960627513356480359
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 29:a9:99:bc:74:48:c4:e2:a4:ca:51:c6:5a:81:59:4b:91:54:22:2d
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d

Fingerprint (sha1): 96:87:94:60:c1:1b:c7:6c:65:6c:bc:b3:8c:27:a8:78:48:31:f9:2b
Fingerprint (sha256): 03:7d:a7:c0:4b:82:56:ae:6a:6c:f3:f5:16:92:ec:46:1b:01:d3:c0:75:ae:00:62:ee:2e:f1:9b:06:d5:ec:a2

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D

Revocation information

OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate sso-inactive.sbb.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sso-inactive.sbb.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sso-inactive.sbb.ch
sso-inactive-int.sbb.ch

Other certificates including the domain name sbb.ch

(limited to 100 certificates)
i88507.sbb.ch
tel.sbb.ch
esq.sbb.ch
etcsst.sbb.ch
oraaux-otc2-t04.sbb.ch
webservice.zvs.b2b.sbb.ch
rpn.sbb.ch
edgemail.sbb.ch
besichtigunghaegendorf.event.sbb.ch
hrstrategieanlass2022.event.sbb.ch
bim-industry-days.event.sbb.ch
origin.int-www.sbb.ch
ausbau-bahnhof-lenzburg.event.sbb.ch
ipv.sbb.ch
auth.sbb.ch
f2test.sbb.ch
qt1-ssl-client.sbb.ch
fs.sbb.ch
viewer.mud.sbb.ch
mobileprod.sbb.ch
austausch-buspartner.event.sbb.ch
polarion-coordinator-t.sbb.ch
secure05.stage.lithium.com
186e-d5751.event.sbb.ch
gtech-modelviewer.sbb.ch
clicks.freizeit.sbb.ch
previewserver.sbb.ch
austausch-buspartner.event.sbb.ch
oauthtester-ws.sbb.ch
smo.test.single.sbb.ch
kundenstimme.sbb.ch
fntcmd-prod.sbb.ch
hi1-ssl-client.sbb.ch
aditest3.sbb.ch
carbon.sbb.ch
dcs.info.sbb.ch
gewinnen.sbb.ch
elazt.sbb.ch
railbuyer.sbb.ch
tip.sbb.ch
bpoelscom501.sbb.ch
lea.sbb.ch
ftp-secure.sbb.ch
koserv.sbb.ch
apu-p-paq.sbb.ch
vmits04-t.cdc-dmz.sbb.ch
lira.sbb.ch
test1.event.sbb.ch
secure01.lithium.com
ictsca.sbb.ch
miku-ws.sbb.ch
events.sbb.ch
secure05.stage.lithium.com
biv-zvl-25042022.event.sbb.ch
int-infoportal.sbb.ch
secure01.lithium.com
kmsp.sbb.ch
f5int.sbb.ch
dim.sbb.ch
dms-int16.sbb.ch
apaint-swc2-t01.sbb.ch
api.solace01t.otc-test.sbb.ch
186e-d5751.event.sbb.ch
rsdpext.sbb.ch
polarion-coordinator.sbb.ch
carflt-otc2-p01.sbb.ch
besichtigungbahntechnikhaegendorf.event.sbb.ch
journey-maps-tiles.geocdn.sbb.ch
pv.mailing.railaway.ch
data.sbb.ch
sapdms-test.sbb.ch
railbuyer.sbb.ch
*.fpl-nonprod.aws.sbb.ch
4765-ec38.event.sbb.ch
fntcmd-prod.sbb.ch
sbbstimme.sbb.ch
nova-koserv-ws.sbb.ch
lscmeeting.event.sbb.ch
sso-inactive.sbb.ch
orbita.sbb.ch
microtrategy-day.event.sbb.ch
rgs-appl-prod-de.sbb.ch
lvsschiene.sbb.ch
dms.sbb.ch
mediacenter.sbb.ch
code-t.sbb.ch
klesy.sbb.ch
depotsystem.sbb.ch
company.sbb.ch
risportal.sbb.ch
secure01.lithium.com
f1.sbb.ch
vmits06.cdc-dmz.sbb.ch
trace-d.sbb.ch
f1test.sbb.ch
secretescapes.sbb.ch
trace-t.sbb.ch
company.sbb.ch
lisaint.sbb.ch
tip2.sbb.ch

Certificate

The complete raw certificate details for sso-inactive.sbb.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIvTCCBqWgAwIBAgIUYJvxmVZpctgkMhqPUFTQ5L9Eb2cwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMTAxNzEy
NDUyOVoXDTIzMTAxNzEyNDUyOVowczELMAkGA1UEBhMCQ0gxDTALBgNVBAgTBEJl
cm4xDTALBgNVBAcTBEJlcm4xKDAmBgNVBAoTH1NjaHdlaXplcmlzY2hlIEJ1bmRl
c2JhaG5lbiBTQkIxHDAaBgNVBAMTE3Nzby1pbmFjdGl2ZS5zYmIuY2gwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUwDeZfUhSz32NTY3BJcTaIrj0WMyv
hTtKyAuIJ0eZCKLpWbYjQ1W/LzDS01gva0ungZYvZaIdtSLL9WLb3NHSieFuFlv3
h8kwMaJjqkbf4lbK4JmhrXLHzskijzn59SqsuxoHlbBU6eDWbMB5C0KhTqiIsjml
yFSApyXZwGSc1YF1YN/DUYLtixIvcay/N682rwIpR2lLBZGfKGA9VV8nhiYAqqkK
zLSEz3hesxpJLp4vsaHTg77WRsrZY9cG8xoconHGomJI3ocbFODO0L6y2dW0MC/T
BRoHgjIXMOEessGAKDwWwzFHHWciXIPB58ifAZci8+rgYcgG2E1emSkrAgMBAAGj
ggRqMIIEZjA3BgNVHREEMDAughNzc28taW5hY3RpdmUuc2JiLmNoghdzc28taW5h
Y3RpdmUtaW50LnNiYi5jaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQpqZm8dEjE4qTKUcZagVlLkVQiLTAf
BgNVHSMEGDAWgBSs0DrCwldVkWkRzHBqWTiKjKycPTCB/wYDVR0fBIH3MIH0MEeg
RaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5
MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rv
cnkuc3dpc3NzaWduLm5ldC9DTj1BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5
Mzg4QThDQUM5QzNEJTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2
b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2lu
dDBvBgNVHSAEaDBmMFAGCGCFdAFZAgECMEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8v
cmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbl9DUFNfVExTLnBkZjAI
BgYEAI96AQcwCAYGZ4EMAQICMIHGBggrBgEFBQcBAQSBuTCBtjBkBggrBgEFBQcw
AoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxv
YWQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDBOBggr
BgEFBQcwAYZCaHR0cDovL29jc3Auc3dpc3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1
NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNEMIIBfgYKKwYBBAHWeQIEAgSCAW4E
ggFqAWgAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAYPl+ky7
AAAEAwBGMEQCIG2SzGAupDU2F+euaHd1bdKwZ3E3s3+7awpmnHneUIFDAiBZCDxD
buFDyDxHmAl+oEnKoBE3IdtGmiauLQgD6ZJVagB2AHoyjFTYty22IOo44FIe6YQW
cDIThU070ivBOlejUutSAAABg+X6TQkAAAQDAEcwRQIhAJFu1aRVMhjMCQCN6gYu
S5dHcw+K/309xFm3zde22AgKAiAkHQIrxC/68EB9wXDVpZjHBupb7iW6irMshE7F
ozpqWAB3AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABg+X6TNYA
AAQDAEgwRgIhAI/lt/2a2QURccpTKgxHqvQGi4HpaMtEnAYdyf7uXN4lAiEAySBm
uDgMU0WSKY19ocNJ7/NPbNNqSLGLNGhVZMgC1tQwDQYJKoZIhvcNAQELBQADggIB
ABvGTjWUUveNXC9E5zGf+dD2gLZqf0Du3ebKgwG2xqpiR8Jb/CZNjII9RkhG4iIE
PSZ1vDI7RaNC1diisYhHFt6fnb7ku5BgOJtJCEZU1aP071K6Tu717f7yNNowUzsb
zh6k80I6R6W9ByfDXDOJyZFpIf88BuZCLx9GISlGgCOKsQPvluGCcQhjgdTTWlmU
qLV0r+sYq6/MvOEcTwv3vvtuEZFfCGJtY2b90NvBudbTapAhDy8Wf5JsZLnQG/90
KATKi2j+Qx7HnSy4LAeWmrccPtqL4xBVJoFgVdJP0szGmd6+b+dbs9ZkZNiVXRZF
QLpqcQ5jT11D11iUft7fBDZpgDzyB1vuSjJ6WdBotqJXUM8DSFWK9qHO8rPyky/m
QnCmAmZT3bGEN87PJdjzLOzjfd24R+x430rD5S3/eXDnYmi7XqR0MpsKyxI4lCA0
mQ9Kegq83rTqAmkzdD6wTF5R3fFw7+m0RW0yOdyOOaMX+SQd2IavDOrCAolVsO6H
hKmLJjrZ5Vy6qy5Zs2RouWL9MCaaFuOJCLGAuLUQY1gh6+f1j9PLPZikbk6xXtYT
IwbRKkesjfwjFKqXwHHLbXBYh0a6oy1aESvmT1m0FctoIploAaUGp+TZ9N5MHdVn
ip9MRsWBEOymF8OQhz8vXZSUKCwgYpeeYs0q2Xbxs8uW
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMA3mX1IUs99jU2NwSXE
2iK49FjMr4U7SsgLiCdHmQii6Vm2I0NVvy8w0tNYL2tLp4GWL2WiHbUiy/Vi29zR
0onhbhZb94fJMDGiY6pG3+JWyuCZoa1yx87JIo85+fUqrLsaB5WwVOng1mzAeQtC
oU6oiLI5pchUgKcl2cBknNWBdWDfw1GC7YsSL3GsvzevNq8CKUdpSwWRnyhgPVVf
J4YmAKqpCsy0hM94XrMaSS6eL7Gh04O+1kbK2WPXBvMaHKJxxqJiSN6HGxTgztC+
stnVtDAv0wUaB4IyFzDhHrLBgCg8FsMxRx1nIlyDwefInwGXIvPq4GHIBthNXpkp
KwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 551540775743833662163175468268960627513356480359
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-17 12:45:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-17 12:45:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Schweizerische Bundesbahnen SBB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sso-inactive.sbb.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18778054962016798278838152452235482432671105966700815100940335331525233254899866491048964112111740477781151145677786207919442051067658406720235249620846243996762778722101097695796597927331141621141115027685451573095895330625447337540050641133234357409340253066559817206712625514574721373687478887402769962163925996684313049978638835139669664938553490221176404828741916708211897504008784096676497227350258754051350901633837157789756084926970925192587420370319147466065510465972165053710370022914777816952945775693499651133786439291733896039721783183813353042299696613477575756299199107818960750743085423320959517534507
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sso-inactive.sbb.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sso-inactive-int.sbb.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							29a999bc7448c4e2a4ca51c65a81594b9154222d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000183e5fa4cbb000004030046304402206d92cc602ea4353617e7ae6877756dd2b0677137b37fbb6b0a669c79de508143022059083c436ee143c83c4798097ea049caa0113721db469a26ae2d0803e992556a0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000183e5fa4d090000040300473045022100916ed5a4553218cc09008dea062e4b9747730f8aff7d3dc459b7cdd7b6d8080a0220241d022bc42ffaf0407dc170d5a598c706ea5bee25ba8ab32c844ec5a33a6a58007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000183e5fa4cd600000403004830460221008fe5b7fd9ad9051171ca532a0c47aaf4068b81e968cb449c061dc9feee5cde25022100c92066b8380c534592298d7da1c349eff34f6cd36a48b18b34685564c802d6d4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		001bc64e359452f78d5c2f44e7319ff9d0f680b66a7f40eedde6ca8301b6c6aa6247c25bfc264d8c823d464846e222043d2675bc323b45a342d5d8a2b1884716de9f9dbee4bb9060389b49084654d5a3f4ef52ba4eeef5edfef234da30533b1bce1ea4f3423a47a5bd0727c35c3389c9916921ff3c06e6422f1f4621294680238ab103ef96e18271086381d4d35a5994a8b574afeb18abafccbce11c4f0bf7befb6e11915f08626d6366fdd0dbc1b9d6d36a90210f2f167f926c64b9d01bff742804ca8b68fe431ec79d2cb82c07969ab71c3eda8be3105526816055d24fd2ccc699debe6fe75bb3d66464d8955d164540ba6a710e634f5d43d758947ededf043669803cf2075bee4a327a59d068b6a25750cf0348558af6a1cef2b3f2932fe64270a6026653ddb18437cecf25d8f32cece37dddb847ec78df4ac3e52dff7970e76268bb5ea474329b0acb1238942034990f4a7a0abcdeb4ea026933743eb04c5e51ddf170efe9b4456d3239dc8e39a317f9241dd886af0ceac2028955b0ee8784a98b263ad9e55cbaab2e59b36468b962fd30269a16e38908b180b8b510635821ebe7f58fd3cb3d98a46e4eb15ed6132306d12a47ac8dfc2314aa97c071cb6d70588746baa32d5a112be64f59b415cb6822996801a506a7e4d9f4de4c1dd5678a9f4c46c58110eca617c390873f2f5d9494282c2062979e62cd2ad976f1b3cb96