universal-t2.postfinance.ch
- PostFinance AG -
Issued by SwissSign RSA TLS OV ICA 2021 - 1
About this certificate
This digital certificate with serial number 5e:a1:24:b3:66:a8:fe:e2:e1:2a:7b:c7:5b:08:33:b3:46:09:71:95 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
PostFinance AG
Organization:
PostFinance AG
State / Province:
BE
Locality: Bern
Country: CH
Locality: Bern
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 5e:a1:24:b3:66:a8:fe:e2:e1:2a:7b:c7:5b:08:33:b3:46:09:71:95Serial Number (int): 540238749523700298970151826007918269444693520789
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: ee:cc:f1:c8:18:2b:72:f7:87:74:c7:5e:85:5a:0c:64:08:79:b5:7d
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d
Fingerprint (sha1): 97:f5:71:73:c7:6c:4b:85:2c:29:8e:05:6d:38:be:82:93:54:83:a9
Fingerprint (sha256): 08:eb:4c:3d:83:f6:14:fc:58:7a:54:91:dc:e9:99:59:00:9e:06:66:d6:b2:90:a1:87:06:29:f4:79:27:0e:1e
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D
Revocation information
OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3DCRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate universal-t2.postfinance.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for universal-t2.postfinance.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
universal-t2.postfinance.ch
www.universal-t2.postfinance.ch
www.universal-t2.postfinance.ch
Other certificates including the domain name postfinance.ch
(limited to 100 certificates)
www.postfinance.ch
e-archiv.postfinance.ch
aliasreg.postfinance.ch
e-finance.postfinance.ch
jobs.postfinance.ch
pfportalmo.postfinance.ch
csgw-test.postfinance.ch
proof.doc-shop.postfinance.ch
commercioestero.postfinance.ch
egw-test.postfinance.ch
e-payment.postfinance.ch
sventest.postfinance.ch
youth.postfinance.ch
pfportalext-test.postfinance.ch
sgtm.postfinance.ch
sipskypebe.post.ch
pfsb-admin-test.postfinance.ch
smartbusiness.postfinance.ch
onlinehypothek-test.postfinance.ch
www-poc-test.postfinance.ch
plano.postfinance.ch
mapps-test.postfinance.ch
www.wcm-test.postfinance.ch
www.doc-shop.postfinance.ch
testplattform.postfinance.ch
oauth.postfinance.ch
privatkredit-peprod.postfinance.ch
www.postfinance.ch
dev.plusfinance.postfinance.ch
outlook.post.ch
benefit.postfinance.ch
egw.postfinance.ch
versicherungen.postfinance.ch
ebics-test.postfinance.ch
sventest.postfinance.ch
pfsb-test.postfinance.ch
universal-t2.postfinance.ch
egw-test.postfinance.ch
3dsec.postfinance.ch
dev.tilbago.postfinance.ch
pfportalmo.postfinance.ch
sipskypebe.post.ch
dev.young.postfinance.ch
tilbago.postfinance.ch
statusitservices.postfinance.ch
events-test.postfinance.ch
digitalpfc.int.postfinance.ch
pfportalmo-test.postfinance.ch
sventest.postfinance.ch
m.commercioestero.postfinance.ch
rivista.postfinance.ch
ai.ep2.postfinance.ch
ef-t2.postfinance.ch
jira-dev.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
sandbox1.postfinance.ch
sandbox1.postfinance.ch
collector-test.postfinance.ch
mapps-test.postfinance.ch
sventest.postfinance.ch
egw.postfinance.ch
hosting.postfinance.ch
nladh-t2.postfinance.ch
aussenhandel.postfinance.ch
plano.postfinance.ch
epayment.postfinance.ch
yellowpay.postfinance.ch
nlsec.postfinance.ch
challengethefuture.postfinance.ch
skypeweb.post.ch
pfsb.postfinance.ch
plano.postfinance.ch
pfportalmo.postfinance.ch
events-test.postfinance.ch
csgw-t2.postfinance.ch
epayment-test.postfinance.ch
dev.magazine.postfinance.ch
mapps.postfinance.ch
ef-t2.postfinance.ch
meet.post.ch
young.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
pfportalmo-test.postfinance.ch
e-trading.postfinance.ch
www-poc-test.postfinance.ch
pfportalext-test.postfinance.ch
events-test.postfinance.ch
pfportalmo.postfinance.ch
bqztyw.postfinance.ch
young.postfinance.ch
questback.postfinance.ch
www.plusfinance.postfinance.ch
csgw-test.postfinance.ch
stage.tour.postfinance.ch
3dsec.postfinance.ch
www2.postfinance.ch
teleoptipf.postfinance.ch
plano.postfinance.ch
e-archiv.postfinance.ch
aliasreg.postfinance.ch
e-finance.postfinance.ch
jobs.postfinance.ch
pfportalmo.postfinance.ch
csgw-test.postfinance.ch
proof.doc-shop.postfinance.ch
commercioestero.postfinance.ch
egw-test.postfinance.ch
e-payment.postfinance.ch
sventest.postfinance.ch
youth.postfinance.ch
pfportalext-test.postfinance.ch
sgtm.postfinance.ch
sipskypebe.post.ch
pfsb-admin-test.postfinance.ch
smartbusiness.postfinance.ch
onlinehypothek-test.postfinance.ch
www-poc-test.postfinance.ch
plano.postfinance.ch
mapps-test.postfinance.ch
www.wcm-test.postfinance.ch
www.doc-shop.postfinance.ch
testplattform.postfinance.ch
oauth.postfinance.ch
privatkredit-peprod.postfinance.ch
www.postfinance.ch
dev.plusfinance.postfinance.ch
outlook.post.ch
benefit.postfinance.ch
egw.postfinance.ch
versicherungen.postfinance.ch
ebics-test.postfinance.ch
sventest.postfinance.ch
pfsb-test.postfinance.ch
universal-t2.postfinance.ch
egw-test.postfinance.ch
3dsec.postfinance.ch
dev.tilbago.postfinance.ch
pfportalmo.postfinance.ch
sipskypebe.post.ch
dev.young.postfinance.ch
tilbago.postfinance.ch
statusitservices.postfinance.ch
events-test.postfinance.ch
digitalpfc.int.postfinance.ch
pfportalmo-test.postfinance.ch
sventest.postfinance.ch
m.commercioestero.postfinance.ch
rivista.postfinance.ch
ai.ep2.postfinance.ch
ef-t2.postfinance.ch
jira-dev.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
sandbox1.postfinance.ch
sandbox1.postfinance.ch
collector-test.postfinance.ch
mapps-test.postfinance.ch
sventest.postfinance.ch
egw.postfinance.ch
hosting.postfinance.ch
nladh-t2.postfinance.ch
aussenhandel.postfinance.ch
plano.postfinance.ch
epayment.postfinance.ch
yellowpay.postfinance.ch
nlsec.postfinance.ch
challengethefuture.postfinance.ch
skypeweb.post.ch
pfsb.postfinance.ch
plano.postfinance.ch
pfportalmo.postfinance.ch
events-test.postfinance.ch
csgw-t2.postfinance.ch
epayment-test.postfinance.ch
dev.magazine.postfinance.ch
mapps.postfinance.ch
ef-t2.postfinance.ch
meet.post.ch
young.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
pfportalmo-test.postfinance.ch
e-trading.postfinance.ch
www-poc-test.postfinance.ch
pfportalext-test.postfinance.ch
events-test.postfinance.ch
pfportalmo.postfinance.ch
bqztyw.postfinance.ch
young.postfinance.ch
questback.postfinance.ch
www.plusfinance.postfinance.ch
csgw-test.postfinance.ch
stage.tour.postfinance.ch
3dsec.postfinance.ch
www2.postfinance.ch
teleoptipf.postfinance.ch
plano.postfinance.ch
Certificate
The complete raw certificate details for universal-t2.postfinance.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJOTCCByGgAwIBAgIUXqEks2ao/uLhKnvHWwgzs0YJcZUwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDYwMjEx MTg1OVoXDTIzMDYwMjExMTg1OVowaDELMAkGA1UEBhMCQ0gxCzAJBgNVBAgTAkJF MQ0wCwYDVQQHEwRCZXJuMRcwFQYDVQQKEw5Qb3N0RmluYW5jZSBBRzEkMCIGA1UE AxMbdW5pdmVyc2FsLXQyLnBvc3RmaW5hbmNlLmNoMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA3hlYkaROASrjpTfmo14Ep1Sm909V+32RxkM99bAqto98 lrhB4bq9MfTFqvskvdsn6G7UX9F9XPk6bWq1Yf0iaMmnNHlxwf+HCXmnxg04Xz9W GK5Tv9IXMEbTXIufYtvz3FqlH2Df0BpXsnvCpgBe9FZAQbVhzs5CVw2LWxmVDRdN lXbL/gt9Jr9vE50AaEKLRRLQUSjeLLPKFlNPu0lmQ9mv0Ks3cLGd5OOzTsV6hgnT 4xsu1fCz4QmglXrYcZmnzb838H1zxQh/OK0A8Nikw6jmBBGb/NJJ9c48I+JNhjyM MiyQ4jTGpn0rIQaydx66PgUwcdoiSlvtfWGTPiwH1wIDAQABo4IE8TCCBO0wRwYD VR0RBEAwPoIbdW5pdmVyc2FsLXQyLnBvc3RmaW5hbmNlLmNogh93d3cudW5pdmVy c2FsLXQyLnBvc3RmaW5hbmNlLmNoMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFO7M8cgYK3L3h3THXoVaDGQI ebV9MB8GA1UdIwQYMBaAFKzQOsLCV1WRaRHMcGpZOIqMrJw9MIH/BgNVHR8Egfcw gfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1 NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNEMIGooIGloIGihoGfbGRhcDovL2Rp cmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPUFDRDAzQUMyQzI1NzU1OTE2OTExQ0M3 MDZBNTkzODhBOENBQzlDM0QlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNh dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv blBvaW50MG8GA1UdIARoMGYwUAYIYIV0AVkCAQIwRDBCBggrBgEFBQcCARY2aHR0 cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMu cGRmMAgGBgQAj3oBBzAIBgZngQwBAgIwgcYGCCsGAQUFBwEBBIG5MIG2MGQGCCsG AQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2ktYmluL2F1dGhvcml0eS9k b3dubG9hZC9BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNE ME4GCCsGAQUFBzABhkJodHRwOi8vb2NzcC5zd2lzc3NpZ24ubmV0L0FDRDAzQUMy QzI1NzU1OTE2OTExQ0M3MDZBNTkzODhBOENBQzlDM0QwggH1BgorBgEEAdZ5AgQC BIIB5QSCAeEB3wB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAAB gSQj5loAAAQDAEcwRQIgdPa/MwlJ61GIrHsXRyxh4uMt2h5q2qwwDFOhCxIKvUYC IQCHUaj0jMz8XaiaHKqd8S88wnEhs6Yo34eBZ9vRuoAfsAB1AG9Tdqwx8DEZ2JkA pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABgSQj5uAAAAQDAEYwRAIgLOmk9pwcHkgw CRtXKrU+JTju7ZccsHO6vpcIoV8y03YCIEH5S6oYh2LN1nm+g90Dxp7bVVJZM2E1 apniuRAXR1tSAHYArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooAAAGB JCPjQwAABAMARzBFAiEAuLch/z4a2f5stVvMbKtNbcTszspszXwDEuXPbcOC69EC IAUG9hMVT+gxkYOkCo2H4FzyErJK4TGgh/RgsFpfYaBhAHYA6D7Q2j71BjUy51co vIlryQPTy9ERa+zraeF3fW0GvW4AAAGBJCPmlQAABAMARzBFAiEAjkM7UYwpT2+T dcANuHvURoUP9ksVRo6rj2toqCeU190CIFQvaYgiBEt3SZ3VO4o68PUCjW1PH3nq /EZb6Ez0pMCFMA0GCSqGSIb3DQEBCwUAA4ICAQATkoY3BA2ePC50Jm58WF7ehzjG YVqOM1uWNX0wr9rLocohUNDtGepZvCpy5qFE14NpStDW9W3oSwGime0J6d2gRjyn 8GJqY7disLy8fJSn4YEkLZ14z9isddyuwLtjIpVzfDP24VKGNhe0RMyI3otrZ9Dq jWaCzquR3khnavRbn8nnVigivMk74EGxhn7oa7nTcjuRJffu0qLLSwwy994h8zlo xb9Tph2DCKAfif9TF0/kwbs9GW6tMASGyyU6W68xVmoDq2lWIBHSvAtw8GqfY6ay 0uP46xnK6tnfMgxq7hiuesoUadhZ6JP942XyRvDxN0yg0+QiUGegYaWXWlK1S8bg dUSpe2tOqXfTnRnHnKqmA3NuSDM2WLADvl5NpBusqY9eTYfqgbHnS2u/YHt/tech Rna+zTihp7C8Nn//7g343iOMJBCLfxn7JCDhky3QwDXfIC18E+DnY69rcgSUpm6m zTYhBda3MZrKW9lAmz6saziScGrijXx00t8POm7e09s9Q3PAMaBKrSVSlAOnb3BR wlknRnykcJWJ4XAU9MLqbUgjw3nAW3Lrfi/LvXp/DXBlGFLHVkBPcUDW9ul04Yrh ZsMPc+31TxTa//ZqmixOjKkWGu1qZZAFD5fuoOUw/nz/snUIrzvNVTEuXwvoyz7k NSjHByo/qe+Mg8POWQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hlYkaROASrjpTfmo14E p1Sm909V+32RxkM99bAqto98lrhB4bq9MfTFqvskvdsn6G7UX9F9XPk6bWq1Yf0i aMmnNHlxwf+HCXmnxg04Xz9WGK5Tv9IXMEbTXIufYtvz3FqlH2Df0BpXsnvCpgBe 9FZAQbVhzs5CVw2LWxmVDRdNlXbL/gt9Jr9vE50AaEKLRRLQUSjeLLPKFlNPu0lm Q9mv0Ks3cLGd5OOzTsV6hgnT4xsu1fCz4QmglXrYcZmnzb838H1zxQh/OK0A8Nik w6jmBBGb/NJJ9c48I+JNhjyMMiyQ4jTGpn0rIQaydx66PgUwcdoiSlvtfWGTPiwH 1wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 540238749523700298970151826007918269444693520789 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-02 11:18:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-02 11:18:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PostFinance AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'universal-t2.postfinance.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28037402267242779167522169476794442266907490955332574174966083597792989863538530969359400566337729338240200800197736539552292134910498884045730169934320000665947903433003238254795546364290599421566491507533211067956969191597844798886154821011567313194843111613536124028272888738365907780206189826702492460643641369054142936953384964172345685296162477887783763452389853924136093434005439710316637894313233977023393255307602434685420345047332360334947210406645788864403237446929058848359461902127567762912146984522613803650225924692895781316007488855242088864264132670362690701585993596209742147492028983092669196273623 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universal-t2.postfinance.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universal-t2.postfinance.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) eeccf1c8182b72f78774c75e855a0c640879b57d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001812423e65a0000040300473045022074f6bf330949eb5188ac7b17472c61e2e32dda1e6adaac300c53a10b120abd460221008751a8f48cccfc5da89a1caa9df12f3cc27121b3a628df878167dbd1ba801fb00075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001812423e6e0000004030046304402202ce9a4f69c1c1e4830091b572ab53e2538eeed971cb073babe9708a15f32d376022041f94baa188762cdd679be83dd03c69edb5552593361356a99e2b91017475b52007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001812423e3430000040300473045022100b8b721ff3e1ad9fe6cb55bcc6cab4d6dc4ecceca6ccd7c0312e5cf6dc382ebd102200506f613154fe8319183a40a8d87e05cf212b24ae131a087f460b05a5f61a061007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001812423e69500000403004730450221008e433b518c294f6f9375c00db87bd446850ff64b15468eab8f6b68a82794d7dd0220542f698822044b77499dd53b8a3af0f5028d6d4f1f79eafc465be84cf4a4c085 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0013928637040d9e3c2e74266e7c585ede8738c6615a8e335b96357d30afdacba1ca2150d0ed19ea59bc2a72e6a144d783694ad0d6f56de84b01a299ed09e9dda0463ca7f0626a63b762b0bcbc7c94a7e181242d9d78cfd8ac75dcaec0bb632295737c33f6e152863617b444cc88de8b6b67d0ea8d6682ceab91de48676af45b9fc9e7562822bcc93be041b1867ee86bb9d3723b9125f7eed2a2cb4b0c32f7de21f33968c5bf53a61d8308a01f89ff53174fe4c1bb3d196ead300486cb253a5baf31566a03ab69562011d2bc0b70f06a9f63a6b2d2e3f8eb19caead9df320c6aee18ae7aca1469d859e893fde365f246f0f1374ca0d3e4225067a061a5975a52b54bc6e07544a97b6b4ea977d39d19c79caaa603736e48333658b003be5e4da41baca98f5e4d87ea81b1e74b6bbf607b7fb5e7214676becd38a1a7b0bc367fffee0df8de238c24108b7f19fb2420e1932dd0c035df202d7c13e0e763af6b720494a66ea6cd362105d6b7319aca5bd9409b3eac6b3892706ae28d7c74d2df0f3a6eded3db3d4373c031a04aad25529403a76f7051c25927467ca4709589e17014f4c2ea6d4823c379c05b72eb7e2fcbbd7a7f0d70651852c756404f7140d6f6e974e18ae166c30f73edf54f14dafff66a9a2c4e8ca9161aed6a6590050f97eea0e530fe7cffb27508af3bcd55312e5f0be8cb3ee43528c7072a3fa9ef8c83c3ce59