tst-opus.lucorp.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 50:ba:95:38:3f:87:73:af:18:75:83:8b:a5:59:7a:be:fc:50:04:b5 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tst-opus.lucorp.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 50:ba:95:38:3f:87:73:af:18:75:83:8b:a5:59:7a:be:fc:50:04:b5Serial Number (int): 460880199143694907852235922156332791716331390133
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 18:10:62:d8:6c:2e:7a:95:1b:55:d9:17:d0:f7:92:5e:45:a8:6f:0e
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 2d:de:a7:14:cc:b4:0d:d7:1b:1b:b3:6d:98:a4:02:e8:f1:63:75:28
Fingerprint (sha256): 07:23:a8:13:a1:21:89:71:49:e6:83:3d:67:2f:31:71:67:cc:9b:29:7f:0e:fd:ee:56:f2:d2:26:25:45:5a:a1
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate tst-opus.lucorp.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tst-opus.lucorp.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tst-opus.lucorp.ch
Other certificates including the domain name lucorp.ch
(limited to 100 certificates)
int-opus.lucorp.ch
dev-zertifikate.lucorp.ch
sb009425.lucorp.ch
lu311003.lucorp.ch
contractx.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
michel.lucorp.ch
caml.lucorp.ch
zertifikate.lucorp.ch
dlp-admin.lucorp.ch
norma4040046.lucorp.ch
int-caml.lucorp.ch
dev-zertifikate.lucorp.ch
uci-lukh-nc-002.ucc.lucorp.ch
lu326003.lucorp.ch
int-ecm-trans.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
*.ops.lucorp.ch
tst-opus.lucorp.ch
vm-prd-iacmvp-gitlabserver-chn-001.gitlab.azure.lucorp.ch
int-ecm-trans.lucorp.ch
lu317003.lucorp.ch
amx1.lucorp.ch
paedi.lucorp.ch
tst-opus.lucorp.ch
dev-admin-anlegen.lucorp.ch
old-opus.lucorp.ch
zertifikate.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
rechner.lucorp.ch
norma4040315.lucorp.ch
uci-lukh-nc-003.ucc.lucorp.ch
uci-lukh-nwe-002.lukb.ch
*.lucorp.ch
norma4040044.lucorp.ch
old-opus.lucorp.ch
lu380003.lucorp.ch
tst-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
ecm-act1.lucorp.ch
old-opus.lucorp.ch
int-intra.lucorp.ch
dev-zertifikate.lucorp.ch
int-admin.lucorp.ch
dev-opus.lucorp.ch
test-dlp.lucorp.ch
int-opus.lucorp.ch
zertifikate.lucorp.ch
quote-push1.lucorp.ch
norma4040045.lucorp.ch
tst-opus.lucorp.ch
lu326001.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
int-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
tst-opus.lucorp.ch
int-opus.lucorp.ch
old-opus.lucorp.ch
tst-opus.lucorp.ch
ecm-act4.lucorp.ch
norma4040045.lucorp.ch
keycloak.test-dlp.lucorp.ch
int-datrading.lucorp.ch
dacs.lucorp.ch
int-datrading.lucorp.ch
dev-opus.lucorp.ch
int-opus.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
dev-opus.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
lu311003.lucorp.ch
opus.lucorp.ch
zertifikate.lucorp.ch
datrading.lucorp.ch
old-opus.lucorp.ch
lu312004.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
sb001904.lucorp.ch
dev-opus.lucorp.ch
norma4040250.lucorp.ch
dev-opus.lucorp.ch
opus.lucorp.ch
old-opus.lucorp.ch
test-dlp.lucorp.ch
sursee-safepro.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
lu15388.lucorp.ch
vm-prd-iacmvp-gitlabrunner-chn-001.gitlab.azure.lucorp.ch
michel1.lucorp.ch
dev-zertifikate.lucorp.ch
arbeitszeugnis.lucorp.ch
old-opus.lucorp.ch
lu305003.lucorp.ch
dev-zertifikate.lucorp.ch
sb009425.lucorp.ch
lu311003.lucorp.ch
contractx.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
michel.lucorp.ch
caml.lucorp.ch
zertifikate.lucorp.ch
dlp-admin.lucorp.ch
norma4040046.lucorp.ch
int-caml.lucorp.ch
dev-zertifikate.lucorp.ch
uci-lukh-nc-002.ucc.lucorp.ch
lu326003.lucorp.ch
int-ecm-trans.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
*.ops.lucorp.ch
tst-opus.lucorp.ch
vm-prd-iacmvp-gitlabserver-chn-001.gitlab.azure.lucorp.ch
int-ecm-trans.lucorp.ch
lu317003.lucorp.ch
amx1.lucorp.ch
paedi.lucorp.ch
tst-opus.lucorp.ch
dev-admin-anlegen.lucorp.ch
old-opus.lucorp.ch
zertifikate.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
rechner.lucorp.ch
norma4040315.lucorp.ch
uci-lukh-nc-003.ucc.lucorp.ch
uci-lukh-nwe-002.lukb.ch
*.lucorp.ch
norma4040044.lucorp.ch
old-opus.lucorp.ch
lu380003.lucorp.ch
tst-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
ecm-act1.lucorp.ch
old-opus.lucorp.ch
int-intra.lucorp.ch
dev-zertifikate.lucorp.ch
int-admin.lucorp.ch
dev-opus.lucorp.ch
test-dlp.lucorp.ch
int-opus.lucorp.ch
zertifikate.lucorp.ch
quote-push1.lucorp.ch
norma4040045.lucorp.ch
tst-opus.lucorp.ch
lu326001.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
int-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
tst-opus.lucorp.ch
int-opus.lucorp.ch
old-opus.lucorp.ch
tst-opus.lucorp.ch
ecm-act4.lucorp.ch
norma4040045.lucorp.ch
keycloak.test-dlp.lucorp.ch
int-datrading.lucorp.ch
dacs.lucorp.ch
int-datrading.lucorp.ch
dev-opus.lucorp.ch
int-opus.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
dev-opus.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
lu311003.lucorp.ch
opus.lucorp.ch
zertifikate.lucorp.ch
datrading.lucorp.ch
old-opus.lucorp.ch
lu312004.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
sb001904.lucorp.ch
dev-opus.lucorp.ch
norma4040250.lucorp.ch
dev-opus.lucorp.ch
opus.lucorp.ch
old-opus.lucorp.ch
test-dlp.lucorp.ch
sursee-safepro.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
lu15388.lucorp.ch
vm-prd-iacmvp-gitlabrunner-chn-001.gitlab.azure.lucorp.ch
michel1.lucorp.ch
dev-zertifikate.lucorp.ch
arbeitszeugnis.lucorp.ch
old-opus.lucorp.ch
lu305003.lucorp.ch
Certificate
The complete raw certificate details for tst-opus.lucorp.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJAjCCBuqgAwIBAgIUULqVOD+Hc68YdYOLpVl6vvxQBLUwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDEyODA3 NTI0M1oXDTI1MDEyODA3NTI0M1owHTEbMBkGA1UEAxMSdHN0LW9wdXMubHVjb3Jw LmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp+wwMKwQ9VtUOkJ2 +S23On1WKxEI/hISWw3PRKMDTDZGZydbujVozEdAdFhU9sIEUH9Q9p6T08wKVYfs YNK8Q9E1r1SLMbNn/v6vVbWHKi4SpnkDDG7RPSOHt8sX70Noihh8fUGtP/3GcC6H /d8q8jnVrWjuy4mxUFhZNWJDAwLN92OVlI4B/tLZfuTrZrFaFxTSgNch+wrbTyqm roaeAWEHuftzaekUzJ/VjOuEcqj9+KOapJ5sDqzlFHy+qBWYPNaH3oJBc0ANfoRS oqHKH7a4sh47qLTYc54YaZnzlP5e06wjOLrGKLEDEU0G1cDZEdCJ2PKGHE/6eIax r+V3S0B/oYzUITLLSDEqI9E9+mtU/FRTVDjbxUb3PLeNs9PFbVVjkqkPFdj/CZwB 8xb5knG529/TGqzcfi2/pfAj8Bl5ivGFONEvWOlI29qRra3D6oJrhUhWnIGCWdVz uqD2rta/IEVQ8PVdVfpzsUctSLl535rxJgQh88RNuZoCYrvgcyKT8tQBeQb8ZapZ AXBpHKFvFxdY86LidPOkP/zr93V74vPBnJDXKi1uxAFxCBwkNMTaBGD1L3k4d7Y8 RoiQp1001rcGLx7SMwopRS/TahgzOZvLrSACTRlxSbuu3Ng0LgCuv2QaVCHasisq w8NlZVeiGD7eVLjLgfUN1LUwutECAwEAAaOCBAUwggQBMIGyBggrBgEFBQcBAQSB pTCBojBMBggrBgEFBQcwAoZAaHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTFi ODYzMzg1LWY0YTktNDdmYS04OGE1LTJhNWFiZmQ0YTE2NzBSBggrBgEFBQcwAYZG aHR0cDovL29jc3Auc3dpc3NzaWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgt NDA2OS05YjFiLWZkMjlhYjczZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECATAIBgYE AI96AQYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0 b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRK MEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dpc3NzaWduLmNoL2NkcC02Nzk3MjNiMi04 NjQxLTQ2NDItODUwMC1mNmQyZmYzN2U2YmEwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAdBgNVHREEFjAUghJ0c3Qtb3B1cy5s dWNvcnAuY2gwHQYDVR0OBBYEFBgQYthsLnqVG1XZF9D3kl5FqG8OMB8GA1UdIwQY MBaAFOu9f0mTjMnu7KK69xzSZ/CDsereMIIB9gYKKwYBBAHWeQIEAgSCAeYEggHi AeAAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAY1PDnYCAAAE AwBHMEUCIQC0ekZPJDgwQUWe1EEGICswCehfxX1zVMIoUYzRISVr5wIgE7pPKZDw fjwrmVhaDQphjMO4tLeQL/dq3NajtaSDZcMAdgDPEVbu1S58r/OHW9lpLpvpGnFn SrAX7KwB0lt3zsw7CAAAAY1PDnbEAAAEAwBHMEUCIBHnp8dDLCMDN49ZnD3Nf1Ty MVHYDCpVLLLOJv5TCuUCAiEAoAJRlDetX0qMcgvFiqzGvppzWcjve/VQwp4xY0GN 4tQAdgDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAY1PDnfNAAAE AwBHMEUCICGS5ObFV2orz2Y5HMvM7Q17fZvOHZKCtoTMLe6xaXh3AiEAy/VUEA3N fr0nF+vW51fMewBzKU66jrfbWnVg4j78HIUAdgBOdaMnXJoQwzhbbNTfP1LrHfDg jhuNacCx+mSxYpo53wAAAY1PDnjXAAAEAwBHMEUCIDQDVMNo4anN5A5O/StUOyDj OzwtVkjQIZKVZcbMRPeDAiEAtSxTRJWC/tyI6jaoZhg6Sd8A8tpX/+gsas5xWehH LWcwDQYJKoZIhvcNAQELBQADggIBAB9Gt1CdMzSpV2zbr3T2lRE1Q5pC55qViqFN 7aVoA8oTlWdTliOwZoKJvFFoSwXMiD4rBZabUHhoVmtpVYKQX8tv9G6Gb8PjabFi YIGHrGY7zAUzXA1VUPoCspuGCHJMWN27N0SItOYLuUU9xl6qCzZiHDF7+ijp3/sI mhi/06NcSpIRG8MKIkURhC8TcfR1vBFqjFtEJNgH9ASkIL1ygYyrrPV4rfJy/E7S IAYnu0C7NlvXF82wmxacVIkO8O0pFWBUFnJpxu0ggPXcsni4dTQE307FUkjrf6Vy GHwXLnD3rZxYAJuzhfsjNqhAcoo/0byNfEir6wZg1x+Hzc2flQAGbToWS4LZE1PU dZNDmES/95dWFsRYoybFz+ZvcdH8LTQ9jB6XLEWQOvRW7NbOmIuuCBZ0ikxuUykk 8xDdYhjX4RhWX0cGefMLdT+rycOuXn5UMw2KOi8tZYj55GN++LYKtmxRDsIFWH+J YIQwkIh7aym8TNmKwvvRCDVozipfeocFSHwmLIuXmXzC889X0C+/TTOfduVta7ux 22R2IBLi5C5vNGah3Sgl46JGKpexX0b65F4XZxszsJ3vh00FHkifWwLfnZCdk0qQ bo3gF4vkazSdTsV8hWUL1ioIYsHuaeSm7fiR5xsq4l+p1J0EVYX6QO5OSAAbanTh +i9J4ORd -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp+wwMKwQ9VtUOkJ2+S23 On1WKxEI/hISWw3PRKMDTDZGZydbujVozEdAdFhU9sIEUH9Q9p6T08wKVYfsYNK8 Q9E1r1SLMbNn/v6vVbWHKi4SpnkDDG7RPSOHt8sX70Noihh8fUGtP/3GcC6H/d8q 8jnVrWjuy4mxUFhZNWJDAwLN92OVlI4B/tLZfuTrZrFaFxTSgNch+wrbTyqmroae AWEHuftzaekUzJ/VjOuEcqj9+KOapJ5sDqzlFHy+qBWYPNaH3oJBc0ANfoRSoqHK H7a4sh47qLTYc54YaZnzlP5e06wjOLrGKLEDEU0G1cDZEdCJ2PKGHE/6eIaxr+V3 S0B/oYzUITLLSDEqI9E9+mtU/FRTVDjbxUb3PLeNs9PFbVVjkqkPFdj/CZwB8xb5 knG529/TGqzcfi2/pfAj8Bl5ivGFONEvWOlI29qRra3D6oJrhUhWnIGCWdVzuqD2 rta/IEVQ8PVdVfpzsUctSLl535rxJgQh88RNuZoCYrvgcyKT8tQBeQb8ZapZAXBp HKFvFxdY86LidPOkP/zr93V74vPBnJDXKi1uxAFxCBwkNMTaBGD1L3k4d7Y8RoiQ p1001rcGLx7SMwopRS/TahgzOZvLrSACTRlxSbuu3Ng0LgCuv2QaVCHasisqw8Nl ZVeiGD7eVLjLgfUN1LUwutECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 460880199143694907852235922156332791716331390133 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-28 07:52:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-28 07:52:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tst-opus.lucorp.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 685064481090520096591578287850444708021230601175013736691169406768980539602627130184779731123856336408131041919805770185987071293975879066292246091541548531738358566407037211862382949855064788959754646245849798623490963464679367269443955232001477681103318617730150787308049807850162095011414380405290583946525310090865010856827857268767936778070968399131098455579904246880138828035046693306399443328117656161612492881324887747563472531763162572051416326381846955489512608044201187639595383726908794432059779465411220590584440002414454006721454462303119857418323624944729615960715411529706413846725429371082036217590012568448040820840902646514953607369129766113716020361933679015231998974750866015816740353593668612701382295092082871885591989336475612259514318880029542710620864933216801531825463690164425671530884242279231775984726748386509462428141493764917245841138723160861642430246220761164451501741823064658468318868500233184936773594806860058043763712724575512938259019392093115218908239970846988661313774903778485873301430561826625518151724623794808619048091917771225516306351463621504610222062660438304423357554258029151628628775991635345552591156114015933898433782592438833648456815571068184402448198884593373738571616271057 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst-opus.lucorp.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 181062d86c2e7a951b55d917d0f7925e45a86f0e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes) 01e00076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018d4f0e76020000040300473045022100b47a464f24383041459ed44106202b3009e85fc57d7354c228518cd121256be7022013ba4f2990f07e3c2b99585a0d0a618cc3b8b4b7902ff76adcd6a3b5a48365c3007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d4f0e76c40000040300473045022011e7a7c7432c2303378f599c3dcd7f54f23151d80c2a552cb2ce26fe530ae502022100a002519437ad5f4a8c720bc58aacc6be9a7359c8ef7bf550c29e3163418de2d4007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018d4f0e77cd000004030047304502202192e4e6c5576a2bcf66391ccbcced0d7b7d9bce1d9282b684cc2deeb1697877022100cbf554100dcd7ebd2717ebd6e757cc7b0073294eba8eb7db5a7560e23efc1c850076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d4f0e78d700000403004730450220340354c368e1a9cde40e4efd2b543b20e33b3c2d5648d021929565c6cc44f783022100b52c53449582fedc88ea36a866183a49df00f2da57ffe82c6ace7159e8472d67 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001f46b7509d3334a9576cdbaf74f6951135439a42e79a958aa14deda56803ca139567539623b0668289bc51684b05cc883e2b05969b507868566b695582905fcb6ff46e866fc3e369b162608187ac663bcc05335c0d5550fa02b29b8608724c58ddbb374488b4e60bb9453dc65eaa0b36621c317bfa28e9dffb089a18bfd3a35c4a92111bc30a224511842f1371f475bc116a8c5b4424d807f404a420bd72818cabacf578adf272fc4ed2200627bb40bb365bd717cdb09b169c54890ef0ed29156054167269c6ed2080f5dcb278b8753404df4ec55248eb7fa572187c172e70f7ad9c58009bb385fb2336a840728a3fd1bc8d7c48abeb0660d71f87cdcd9f9500066d3a164b82d91353d47593439844bff7975616c458a326c5cfe66f71d1fc2d343d8c1e972c45903af456ecd6ce988bae0816748a4c6e532924f310dd6218d7e118565f470679f30b753fabc9c3ae5e7e54330d8a3a2f2d6588f9e4637ef8b60ab66c510ec205587f8960843090887b6b29bc4cd98ac2fbd1083568ce2a5f7a8705487c262c8b97997cc2f3cf57d02fbf4d339f76e56d6bbbb1db64762012e2e42e6f3466a1dd2825e3a2462a97b15f46fae45e17671b33b09def874d051e489f5b02df9d909d934a906e8de0178be46b349d4ec57c85650bd62a0862c1ee69e4a6edf891e71b2ae25fa9d49d045585fa40ee4e48001b6a74e1fa2f49e0e45d