test.b2b.ge.ch

- Republique et Canton de Geneve -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 30:06:03:38:9f:fb:3a:ce:59:04:0a:d7:ae:f6:ad:74:70:55:a3:95 was issued on by SwissSign AG.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Republique et Canton de Geneve

Organization: Republique et Canton de Geneve
Organization unit: Direction Generale des Systemes d Information
State / Province: Geneve
Locality: Geneve
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 30:06:03:38:9f:fb:3a:ce:59:04:0a:d7:ae:f6:ad:74:70:55:a3:95
Serial Number (int): 274165642076057534324935422306120519605059691413
Serial Number lenght: 158 bits, 20 octets

SubjectKeyId: 24:0f:7b:38:f9:2f:f4:97:0c:a4:5e:df:a8:98:42:38:bc:44:34:b2
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): 8b:e1:50:d0:4a:32:f0:6a:d0:79:9b:6a:6b:b0:13:48:04:3f:82:62
Fingerprint (sha256): 04:53:13:ad:5f:30:ea:02:f5:99:30:e3:4c:d8:6a:c5:ff:58:df:bd:d4:4a:29:88:6f:17:31:94:67:22:ba:20

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate test.b2b.ge.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for test.b2b.ge.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

test.b2b.ge.ch

Other certificates including the domain name ge.ch

(limited to 100 certificates)
impuserlabo000-ms.ceti.etat-ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch

Certificate

The complete raw certificate details for test.b2b.ge.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJTDCCCDSgAwIBAgIUMAYDOJ/7Os5ZBArXrvatdHBVo5UwDQYJKoZIhvcNAQEL
BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE
AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTkwODAy
MDk0MjU1WhcNMjEwODAyMDk0MjU1WjCBqTELMAkGA1UEBhMCQ0gxDzANBgNVBAgT
BkdlbmV2ZTEPMA0GA1UEBxMGR2VuZXZlMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0
IENhbnRvbiBkZSBHZW5ldmUxNjA0BgNVBAsTLURpcmVjdGlvbiBHZW5lcmFsZSBk
ZXMgU3lzdGVtZXMgZCBJbmZvcm1hdGlvbjEXMBUGA1UEAxMOdGVzdC5iMmIuZ2Uu
Y2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKN6rznWUxTbeRJMpd
NLeiJR+UFkGFNq5wDgOkyn8fbfZzVS4KelZs85tmdXh8abN3SVpEt2+XTxYgl6qx
ZvcufZ8IPvRThBaJQUQiRcvRFUgooQtlYJbHeracO80asnFw+8DFW4iN42kOSTiu
NWhzVu8kL7Ma5ptzM0sluWLeCfoNZUTiRYFzFYb4DgFZshiavu7tSDT5bLnKmBpc
/dm2TBVv5KrOX/V2N/3wMr+zFEKu6YccBGuISomkVS862y8eJwXafbqkyw2ZcN59
eJbWf9JehaMg9xYvzQwMTAphdyf2OyWc0AsczsFdGf+wnqBM4rdAlUI6keRfGqJk
1mgpHJnduASU4rzg1bv17hJ0toRXKYI7QPkFkYuXo0ETx4pjSTQMcvJhUNCtVAy/
UuTFJLtUXxjBebUxYKPXDNO7Q8itX0qMqJyxeQU5DcB+DCyqLHlHZEI++n4K2MeV
rN2wcbG5GLLTmua6IjcWkicPBD3HCVG7cE0c5ns1MY/EDflLjxFYG8WJjAULoWEA
H9fr+s9ooIuqixkxYVbAIgC6Xe9++7G86NA15ttXvIAuy8ZVwKmDVHp1llXn6ngS
mf+BpXL5DyUthx+xYysx0ez7bZgMQLdES+mop4/ZkaU5LgQ79dy7dvtxVxCVcJde
PWvE6K/G/jrUUDnEdPA2UiX/ZwIDAQABo4IEwDCCBLwwGQYDVR0RBBIwEIIOdGVz
dC5iMmIuZ2UuY2gwDgYDVR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjAdBgNVHQ4EFgQUJA97OPkv9JcMpF7fqJhCOLxENLIwHwYDVR0j
BBgwFoAU5/Hn/S5TrRHlgRpXpHOPEn2YyK4wgf8GA1UdHwSB9zCB9DBHoEWgQ4ZB
aHR0cDovL2NybC5zd2lzc3NpZ24ubmV0L0U3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1
N0E0NzM4RjEyN0Q5OEM4QUUwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3
aXNzc2lnbi5uZXQvQ049RTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3
RDk4QzhBRSUyQ089U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRp
b25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwXwYD
VR0gBFgwVjBUBglghXQBWQECAQswRzBFBggrBgEFBQcCARY5aHR0cDovL3JlcG9z
aXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24tR29sZC1DUC1DUFMucGRmMIHV
BggrBgEFBQcBAQSByDCBxTBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5u
ZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvRTdGMUU3RkQyRTUzQUQxMUU1
ODExQTU3QTQ3MzhGMTI3RDk4QzhBRTBdBggrBgEFBQcwAYZRaHR0cDovL2dvbGQt
c2VydmVyLWcyLm9jc3Auc3dpc3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4
MTFBNTdBNDczOEYxMjdEOThDOEFFMIIB8wYKKwYBBAHWeQIEAgSCAeMEggHfAd0A
dQBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWxRtgLUAAAEAwBG
MEQCIFfuGcIg2VuVv2R3O47HA49J3HRBjnDXmNcvPktJKnflAiBUs8paNZ0O0A1H
BEscbjTc9EkO+bWVXLgxKHVRmDno6AB1AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEA
KQaNsgiaN9kTAAABbFG2AegAAAQDAEYwRAIgbZqjX+FbDq29Ky8a6ga/pqQAnM68
rzgmJ7ao2S+TJeQCIH7F9GGAYXh4Au7C/xvEnFzNDEgw+IQIYNNBzhXVrnf9AHYA
u9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFsUbYCSQAABAMARzBF
AiEA6XVewWJJAn6lnWcKY4uVS75MRoXLvmqahu17hE1mA+kCICT6cxRu1mSlKaj0
5by81myb7ybiTUixCk4qU/Y4NtUAAHUA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiD
AMR7iXqo/csAAAFsUbYAgwAABAMARjBEAiBSqvjlRexk8Ii9uH5/ZZ2mWHZQOmKb
qLuBT+R9dgtBngIgXBXcR0NpwqeT2v5Ick0fB1beIikt9LLIAIXXpnlf024wDQYJ
KoZIhvcNAQELBQADggEBALFIH86C3dYcylkpHDa+skxiVv9tz23tqkkdRuGHU+h5
bI4XBw4eCYtjAlwFxYifTFpKfFwI0nHbYJjhIFF82nt3KC4+F+XbDCmHFIsERn0i
mEOZ6oZ09fSdzCsF3Ozg1DugezP/FGbrxOwnbSZINOCTZbQMpL4iaFXZjJafjuRx
zUErbre1QnuT7oK+OcaBJPZ2FQAVzC8WqFT2OfgViN+YYGVLrblHQ/9uWxQoi6W8
LeOae4pvNeNgnuT4R4t27ED++6JDjGCBk/DX+AGXrUjXyyjLrU/0r3pcfARTQC2Z
CWkObfRJKOghsNhJdEI2cMjqOkJGMcXSzzJOXh5zjaY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyjeq851lMU23kSTKXTS3
oiUflBZBhTaucA4DpMp/H232c1UuCnpWbPObZnV4fGmzd0laRLdvl08WIJeqsWb3
Ln2fCD70U4QWiUFEIkXL0RVIKKELZWCWx3q2nDvNGrJxcPvAxVuIjeNpDkk4rjVo
c1bvJC+zGuabczNLJbli3gn6DWVE4kWBcxWG+A4BWbIYmr7u7Ug0+Wy5ypgaXP3Z
tkwVb+Sqzl/1djf98DK/sxRCrumHHARriEqJpFUvOtsvHicF2n26pMsNmXDefXiW
1n/SXoWjIPcWL80MDEwKYXcn9jslnNALHM7BXRn/sJ6gTOK3QJVCOpHkXxqiZNZo
KRyZ3bgElOK84NW79e4SdLaEVymCO0D5BZGLl6NBE8eKY0k0DHLyYVDQrVQMv1Lk
xSS7VF8YwXm1MWCj1wzTu0PIrV9KjKicsXkFOQ3Afgwsqix5R2RCPvp+CtjHlazd
sHGxuRiy05rmuiI3FpInDwQ9xwlRu3BNHOZ7NTGPxA35S48RWBvFiYwFC6FhAB/X
6/rPaKCLqosZMWFWwCIAul3vfvuxvOjQNebbV7yALsvGVcCpg1R6dZZV5+p4Epn/
gaVy+Q8lLYcfsWMrMdHs+22YDEC3REvpqKeP2ZGlOS4EO/Xcu3b7cVcQlXCXXj1r
xOivxv461FA5xHTwNlIl/2cCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 274165642076057534324935422306120519605059691413
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-02 09:42:55 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-02 09:42:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Direction Generale des Systemes d Information'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test.b2b.ge.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 824975229581890804110017449084977890999694555891238325686489098408060599374598226158722798701048370250210773887758062223657915204724946027085965081144066253553545522882857205813396396841018971433747882942561676337743908900665755836940532764642691382780964227718336615621038677734869921440402488377204362259820503292963024776984770746487888737807562159497639298695468775990558154565696227482103665189539157233034283321528436978049066426280068983782667685067492288251949215360666732613784268852215159059908322100226013471038917580891988284063163719161444484210657109979100397183653336549705161000172918711317753137894117881800501101475156375739557623659477191045841629125012819948521565033267063470069160633456441616841347990242155385242948813932140753871906057579209750739813861205499545647407426392199265635532909278647637130809905555370879838701683993080393970664560047226134256358938868285032900753208032174517698380858890449357860659901853162560926678585559049178249946100039795802614735381582001554308601621666849303435224930649035182203533730093148917591356397150986733966149355653416259915625530530282694126997908122354852917260836276460890447422008222307033286418705388779134297776935080289748671594082759780213338754907504487
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.b2b.ge.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							240f7b38f92ff4970ca45edfa8984238bc4434b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (479 bytes)
							01dd0075004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016c51b602d40000040300463044022057ee19c220d95b95bf64773b8ec7038f49dc74418e70d798d72f3e4b492a77e5022054b3ca5a359d0ed00d47044b1c6e34dcf4490ef9b5955cb8312875519839e8e80075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016c51b601e8000004030046304402206d9aa35fe15b0eadbd2b2f1aea06bfa6a4009ccebcaf382627b6a8d92f9325e402207ec5f4618061787802eec2ff1bc49c5ccd0c4830f8840860d341ce15d5ae77fd007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016c51b602490000040300473045022100e9755ec16249027ea59d670a638b954bbe4c4685cbbe6a9a86ed7b844d6603e9022024fa73146ed664a529a8f4e5bcbcd66c9bef26e24d48b10a4e2a53f63836d500007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016c51b600830000040300463044022052aaf8e545ec64f088bdb87e7f659da65876503a629ba8bb814fe47d760b419e02205c15dc474369c2a793dafe48724d1f0756de22292df4b2c80085d7a6795fd36e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b1481fce82ddd61cca59291c36beb24c6256ff6dcf6dedaa491d46e18753e8796c8e17070e1e098b63025c05c5889f4c5a4a7c5c08d271db6098e120517cda7b77282e3e17e5db0c2987148b04467d22984399ea8674f5f49dcc2b05dcece0d43ba07b33ff1466ebc4ec276d264834e09365b40ca4be226855d98c969f8ee471cd412b6eb7b5427b93ee82be39c68124f676150015cc2f16a854f639f81588df9860654badb94743ff6e5b14288ba5bc2de39a7b8a6f35e3609ee4f8478b76ec40fefba2438c608193f0d7f80197ad48d7cb28cbad4ff4af7a5c7c0453402d9909690e6df44928e821b0d84974423670c8ea3a424631c5d2cf324e5e1e738da6