*.hesge.ch
- Republique et Canton de Geneve -
Issued by SwissSign Server Gold CA 2014 - G22
About this certificate
This digital certificate with serial number 58:b6:00:64:cf:f9:ea:d8:49:36:1b:84:87:16:8a:ab:04:5e:c5:c7 was issued on by SwissSign AG.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
Republique et Canton de Geneve
Organization:
Republique et Canton de Geneve
Organization unit: Hautes ecoles specialisees
Organization unit: Hautes ecoles specialisees
State / Province:
Geneve
Locality: Geneve
Country: CH
Locality: Geneve
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 58:b6:00:64:cf:f9:ea:d8:49:36:1b:84:87:16:8a:ab:04:5e:c5:c7Serial Number (int): 506449957763314983903163441311690067218087724487
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: f7:6a:b6:a0:7d:06:1d:d5:ab:4a:a6:24:94:bd:5d:6d:76:b8:79:31
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae
Fingerprint (sha1): df:fb:0c:c2:63:55:6f:aa:3f:c4:c1:42:8f:cf:0b:18:83:b0:8a:25
Fingerprint (sha256): 09:4e:cd:78:ed:db:48:7d:16:da:c0:e2:b9:fa:bd:79:b2:96:a8:dc:e7:ff:07:7d:33:42:62:63:08:56:73:a3
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
Revocation information
OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AECRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate *.hesge.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.hesge.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Content Commitment
Key Encipherment
Data Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Client Authentication
IPSEC End System
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.hesge.ch
Other certificates including the domain name hesge.ch
(limited to 100 certificates)
heds.prod.hesge.ch
goldorak.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
mail.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
goldorak.hesge.ch
hepiacloud.hesge.ch
m.hesge.ch
idp.hesge.ch
hepiacloud.hesge.ch
idp.hesge.ch
mail.ge.ch
*.hesge.ch
hepiacloud.hesge.ch
vdi.hesge.ch
hepiacloud.hesge.ch
hepiacloud.hesge.ch
candy.hesge.ch
idp.hesge.ch
goldorak.hesge.ch
m.hesge.ch
hepiacloud.hesge.ch
vpn.hesge.ch
*.hesge.ch
mail.ge.ch
m.hesge.ch
idp.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
*.hesge.ch
m.hesge.ch
*.hesge.ch
vdi.hesge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
mpp.hesge.ch
m.hesge.ch
goldorak.hesge.ch
head-mdm.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
goldorak.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
mail.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
goldorak.hesge.ch
hepiacloud.hesge.ch
m.hesge.ch
idp.hesge.ch
hepiacloud.hesge.ch
idp.hesge.ch
mail.ge.ch
*.hesge.ch
hepiacloud.hesge.ch
vdi.hesge.ch
hepiacloud.hesge.ch
hepiacloud.hesge.ch
candy.hesge.ch
idp.hesge.ch
goldorak.hesge.ch
m.hesge.ch
hepiacloud.hesge.ch
vpn.hesge.ch
*.hesge.ch
mail.ge.ch
m.hesge.ch
idp.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
*.hesge.ch
m.hesge.ch
*.hesge.ch
vdi.hesge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
mpp.hesge.ch
m.hesge.ch
goldorak.hesge.ch
head-mdm.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
Certificate
The complete raw certificate details for *.hesge.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRDCCBSygAwIBAgIUWLYAZM/56thJNhuEhxaKqwRexccwDQYJKoZIhvcNAQEL BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTYwMzAz MTA1MzM1WhcNMTkwMzAzMTA1MzM1WjCBkjELMAkGA1UEBhMCQ0gxDzANBgNVBAgT BkdlbmV2ZTEPMA0GA1UEBxMGR2VuZXZlMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0 IENhbnRvbiBkZSBHZW5ldmUxIzAhBgNVBAsTGkhhdXRlcyBlY29sZXMgc3BlY2lh bGlzZWVzMRMwEQYDVQQDDAoqLmhlc2dlLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAttgtMNnopu8O/p9Xb0ypJn+RdcdSUYsnT0A3prPiGMok3jfZ durFOqj1nc97x1G0UMbReuCoz6C0Xyuycp/uMFh3jrjy6OZLRnkhpuQywhyj4uui BkzOAMiULzIWByDpg8TwrLuCK8JXBCSWxYilmZebckdqHvGzYcnMqW1yUrdiUfj+ lheDDGp1o2ddAQH4uCEzJFmHoxJxnMKePR7fOcyJXh18l+HVFZdWqzwSgIWRiglN Bkpvn0Fu7rHW50r1fSVs4/JwfdRcmKg9G7bCUyjtxHvbe4zwNfP2Wl2OkecjvWX4 Vii4uZzujrxkDSTuxDHJlP4AJDeNCTKD6eq7UQIDAQABo4ICzzCCAsswFQYDVR0R BA4wDIIKKi5oZXNnZS5jaDAOBgNVHQ8BAf8EBAMCA/gwJwYDVR0lBCAwHgYIKwYB BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBTAdBgNVHQ4EFgQU92q2oH0GHdWrSqYk lL1dbXa4eTEwHwYDVR0jBBgwFoAU5/Hn/S5TrRHlgRpXpHOPEn2YyK4wgf8GA1Ud HwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0L0U3RjFFN0ZE MkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUwgaiggaWggaKGgZ9sZGFw Oi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049RTdGMUU3RkQyRTUzQUQxMUU1 ODExQTU3QTQ3MzhGMTI3RDk4QzhBRSUyQ089U3dpc3NTaWduJTJDQz1DSD9jZXJ0 aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJp YnV0aW9uUG9pbnQwXwYDVR0gBFgwVjBUBglghXQBWQECAQYwRzBFBggrBgEFBQcC ARY5aHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24tR29s ZC1DUC1DUFMucGRmMIHVBggrBgEFBQcBAQSByDCBxTBkBggrBgEFBQcwAoZYaHR0 cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvRTdG MUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4QzhBRTBdBggrBgEFBQcw AYZRaHR0cDovL2dvbGQtc2VydmVyLWcyLm9jc3Auc3dpc3NzaWduLm5ldC9FN0Yx RTdGRDJFNTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThDOEFFMA0GCSqGSIb3DQEB CwUAA4IBAQDNNS33yj3Pi9NxVND5bG4mx3EsplN14v8/txYCJmvKoOMTNzk+KP4j BB3txJ3MSKawvHtESNyKynITyMssJ8m5HxdaSjMxC2m4jwd/UPh3ZA/8yrXjOkg4 BadecaX3YNAPDbOBH2CBHhgLxBk9yB2bR+DuEba31yAq/8qVOECUFbhe72P8l8fp lXl+YC2qUPh0XRs+ewITe8umR776RUIgARrsOVxM+6/W9SDpSGFbWyLAWRX8DK+h M/pU3PptrpVWSs8OPJqHIF5n3gmLu6EtAPkK1YAL5VSmb7H3DtKHcDGCNMgcDUel +jI3GiNO1WS6DCa7wRf0nkASn++YPXPl -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttgtMNnopu8O/p9Xb0yp Jn+RdcdSUYsnT0A3prPiGMok3jfZdurFOqj1nc97x1G0UMbReuCoz6C0Xyuycp/u MFh3jrjy6OZLRnkhpuQywhyj4uuiBkzOAMiULzIWByDpg8TwrLuCK8JXBCSWxYil mZebckdqHvGzYcnMqW1yUrdiUfj+lheDDGp1o2ddAQH4uCEzJFmHoxJxnMKePR7f OcyJXh18l+HVFZdWqzwSgIWRiglNBkpvn0Fu7rHW50r1fSVs4/JwfdRcmKg9G7bC UyjtxHvbe4zwNfP2Wl2OkecjvWX4Vii4uZzujrxkDSTuxDHJlP4AJDeNCTKD6eq7 UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 506449957763314983903163441311690067218087724487 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-03 10:53:35 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-03 10:53:35 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hautes ecoles specialisees' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.hesge.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23081972122178294740749634708208137486170258798734753720169692564617039115685677637448045430272764395998815394499233672500122753592043608656535539812107321768027260189402950732031834656435867631991690782884026368318834951995261658930091357848055306093815295365930254985512404098890210241400256092328342331262891927268401212672417281295900821526583377232023319970002479033668113816633039951994549658945063868558522717516146312321052009296851558319403440435358978789168064874961390785730671024521227893005805920085775128163398691468322154773007715091424941414154639083191370009144298062114084950460902644459825619712849 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hesge.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03f8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.5 (ipsecEndSystem) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f76ab6a07d061dd5ab4aa62494bd5d6d76b87931 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00cd352df7ca3dcf8bd37154d0f96c6e26c7712ca65375e2ff3fb71602266bcaa0e31337393e28fe23041dedc49dcc48a6b0bc7b4448dc8aca7213c8cb2c27c9b91f175a4a33310b69b88f077f50f877640ffccab5e33a483805a75e71a5f760d00f0db3811f60811e180bc4193dc81d9b47e0ee11b6b7d7202affca9538409415b85eef63fc97c7e995797e602daa50f8745d1b3e7b02137bcba647befa454220011aec395c4cfbafd6f520e948615b5b22c05915fc0cafa133fa54dcfa6dae95564acf0e3c9a87205e67de098bbba12d00f90ad5800be554a66fb1f70ed28770318234c81c0d47a5fa32371a234ed564ba0c26bbc117f49e40129fef983d73e5