api-notis.bkw.ch
- BKW AG -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0a:6a:6f:78:a6:44:a9:c8:83:00:ae:33:37:db:10:6b was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
BKW AG
Organization:
BKW AG
Locality:
Bern
Country: CH
Country: CH
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:6a:6f:78:a6:44:a9:c8:83:00:ae:33:37:db:10:6bSerial Number (int): 13844924331156877869601104841984905323
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 6b:e7:ed:5f:de:85:c1:ff:14:c1:61:5c:c3:e4:24:b3:9f:51:8f:b5
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): b4:2e:36:31:3f:07:7f:fa:6d:0d:ac:b3:6f:3c:99:cb:36:17:b7:0e
Fingerprint (sha256): 09:a3:a9:23:ce:8b:a8:03:45:44:40:f8:a6:bf:b2:88:ee:87:13:cc:f0:dc:e8:f2:a5:b9:5b:04:f1:fd:5e:56
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate api-notis.bkw.ch
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for api-notis.bkw.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api-notis.bkw.ch
api-notis-q.bkw.ch
api-notis-t.bkw.ch
api-notis-q.bkw.ch
api-notis-t.bkw.ch
Other certificates including the domain name bkw.ch
(limited to 100 certificates)
ecmt.bkw.ch
jobs.bkw.ch
ins.bkw.ch
auth.crmdynamicst.bkw.ch
gridconnection.bkw.ch
event.bkw.ch
trinity.bkw.ch
blog.bkw.ch
blog.bkw.ch
zoon.bkw.ch
haefa.bkw.ch
event-nachhaltigkeit.bkw.ch
blue.bkw.ch
api-notis.bkw.ch
login.bkw.ch
azimi.int.bkw.ch
oscar.bkw.ch
api.bkw.ch
www.bkw.ch
shop.bkw.ch
blog.bkw.ch
bfc-example-app-next.bkw.ch
www.bkw.ch
outlook.bkw.ch
api-crm.bkw.ch
zoon.bkw.ch
blog.bkw.ch
ns-t-bkw-dmz-cus-aaa-ldap-01.bkw.ch
bkw.ch
event-nachhaltigkeit.bkw.ch
bkw.ch
feuerwehr.bkw.ch
ictmonitoring.bkw.ch
belvis.aek.ch
services-q.bkw.ch
ewp.bkw.ch
static.bkw.ch
event.bkw.ch
connect.bkw.ch
fed.bkw.ch
api-dsv-energy-strategy-backend.bkw.ch
event.bkw.ch
git.bkw.ch
netzauskunft.bkw.ch
blog.bkw.ch
akeneo-admin.bkw.ch
eventportal.bkw.ch
ra-kkm.bkw.ch
m2c-bills.bkw.ch
cloud.aek.ch
event.bkw.ch
jobs.bkw.ch
oscar.bkw-fmb.ch
event.bkw.ch
pwreset.bkw.ch
oscar.bkw.ch
*.msda.bkw.ch
www.bkwengineering.com
my.home-energy.bkw.ch
sitzung.hostedapps.bkw.ch
cockpitservicears.bkw.ch
outage.bkw.ch
api-tangento.bkw.ch
jobs.bkw.ch
shop.bkw.ch
event-nachhaltigkeit.bkw.ch
visualization.bkw.ch
visustrom1.bkw.ch
netzauskunft.bkw.ch
blog.bkw.ch
thehub-cloud.bkw.ch
ise.bkw-fmb.ch
BESUCHERZENTREN.BKW.CH
gsxmonitoring.bkw.ch
energy-asset.bkw.ch
mdomus-poc.bkw.ch
login-v2-t.bkw.ch
shop.bkw.ch
metering-workforce.bkw.ch
nexus.bkw.ch
my.home-energy.bkw.ch
haefa.test.bkw.ch
energymonitoring.bkw.ch
api-q.bkw.ch
oscar.bkw.ch
www.abaclik.bkw.ch
*.apps.collab.bkw.ch
*.elastic.int.bkw.ch
plantservices.bkw.ch
mdl.bkw.ch
blog.bkw.ch
*.aks02.bkw.ch
api-energy-asset.bkw.ch
netzauskunft.bkw.ch
smk-mdm.bkw.ch
event-nachhaltigkeit.bkw.ch
shop.bkw.ch
api-m2c-t.bkw.ch
eventportal.bkw.ch
api-oneportal-edm.bkw.ch
jobs.bkw.ch
ins.bkw.ch
auth.crmdynamicst.bkw.ch
gridconnection.bkw.ch
event.bkw.ch
trinity.bkw.ch
blog.bkw.ch
blog.bkw.ch
zoon.bkw.ch
haefa.bkw.ch
event-nachhaltigkeit.bkw.ch
blue.bkw.ch
api-notis.bkw.ch
login.bkw.ch
azimi.int.bkw.ch
oscar.bkw.ch
api.bkw.ch
www.bkw.ch
shop.bkw.ch
blog.bkw.ch
bfc-example-app-next.bkw.ch
www.bkw.ch
outlook.bkw.ch
api-crm.bkw.ch
zoon.bkw.ch
blog.bkw.ch
ns-t-bkw-dmz-cus-aaa-ldap-01.bkw.ch
bkw.ch
event-nachhaltigkeit.bkw.ch
bkw.ch
feuerwehr.bkw.ch
ictmonitoring.bkw.ch
belvis.aek.ch
services-q.bkw.ch
ewp.bkw.ch
static.bkw.ch
event.bkw.ch
connect.bkw.ch
fed.bkw.ch
api-dsv-energy-strategy-backend.bkw.ch
event.bkw.ch
git.bkw.ch
netzauskunft.bkw.ch
blog.bkw.ch
akeneo-admin.bkw.ch
eventportal.bkw.ch
ra-kkm.bkw.ch
m2c-bills.bkw.ch
cloud.aek.ch
event.bkw.ch
jobs.bkw.ch
oscar.bkw-fmb.ch
event.bkw.ch
pwreset.bkw.ch
oscar.bkw.ch
*.msda.bkw.ch
www.bkwengineering.com
my.home-energy.bkw.ch
sitzung.hostedapps.bkw.ch
cockpitservicears.bkw.ch
outage.bkw.ch
api-tangento.bkw.ch
jobs.bkw.ch
shop.bkw.ch
event-nachhaltigkeit.bkw.ch
visualization.bkw.ch
visustrom1.bkw.ch
netzauskunft.bkw.ch
blog.bkw.ch
thehub-cloud.bkw.ch
ise.bkw-fmb.ch
BESUCHERZENTREN.BKW.CH
gsxmonitoring.bkw.ch
energy-asset.bkw.ch
mdomus-poc.bkw.ch
login-v2-t.bkw.ch
shop.bkw.ch
metering-workforce.bkw.ch
nexus.bkw.ch
my.home-energy.bkw.ch
haefa.test.bkw.ch
energymonitoring.bkw.ch
api-q.bkw.ch
oscar.bkw.ch
www.abaclik.bkw.ch
*.apps.collab.bkw.ch
*.elastic.int.bkw.ch
plantservices.bkw.ch
mdl.bkw.ch
blog.bkw.ch
*.aks02.bkw.ch
api-energy-asset.bkw.ch
netzauskunft.bkw.ch
smk-mdm.bkw.ch
event-nachhaltigkeit.bkw.ch
shop.bkw.ch
api-m2c-t.bkw.ch
eventportal.bkw.ch
api-oneportal-edm.bkw.ch
Certificate
The complete raw certificate details for api-notis.bkw.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH4jCCBsqgAwIBAgIQCmpveKZEqciDAK4zN9sQazANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx MDE4MDAwMDAwWhcNMjQxMDE3MjM1OTU5WjBIMQswCQYDVQQGEwJDSDENMAsGA1UE BxMEQmVybjEPMA0GA1UEChMGQktXIEFHMRkwFwYDVQQDExBhcGktbm90aXMuYmt3 LmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApZwz4L9xIhaJShh9 jmcuXT0B3x6tI33tVu+pM1sf+dcnxHcI6lD//Ykv3P1UMgLoN40EfkrEggfKyFYY 6mmvlOhXb1DAbxZxcJeJBApHqI+VcL+wpbJD1zzCJ9YfRdvHnjW4NTO1CngaCpQp d4NL6h+e8C6WRl20yfHO4UY84oglIXfwSWooHmy5ogAzw//dTAMzDwwxZeGLupkh b4WnKET0r31Q4+ZQQ23jM/8J/8gLsW+AGoId0qRoQLwVgfkqWMOfDe6KWPMeD+kF w2hMjX+fx8H2jWlcuYHZzf3husIa4reRNzKadyXGQ/tkuKKf45YSyn9RvfpIw2Js jcb6aweAmb/gk6lfxcpfI5VabsoT8dmXihs8PznEd7sCXYMFUK6WQp35+mDxXu+t It47xRUAMeh/bzRAblJCgmwk6SF665mmxd7CcOFPWx3A+wuxegToVQVte2a+3H+b naIaHbT13ZZSOzkriG8PV+RbNxIdrgRGRCpBipvId97SJPGLKy2bldDx+PXOwrGl +wMW9X6xNrXGcjRUHzqEOrxjR13a0RNFxbW4HOPQ3qWeWadwtws5BAcYZyGRvgHS qkxmtWDbaMW8Q79g/kHp9VfnGjXKNGoOFyFBIPBQiRrz4XM4VOmRam5NLIo90FtO jBKMKu9JdR2eBi04zYM6pa9zlQsCAwEAAaOCA7UwggOxMB8GA1UdIwQYMBaAFHSF gMBmx9833s+9KTeqAx2+7c0XMB0GA1UdDgQWBBRr5+1f3oXB/xTBYVzD5CSzn1GP tTBDBgNVHREEPDA6ghBhcGktbm90aXMuYmt3LmNoghJhcGktbm90aXMtcS5ia3cu Y2iCEmFwaS1ub3Rpcy10LmJrdy5jaDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcG CCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGX MIGUMEigRqBEhkJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i YWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0 LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENB MS0xLmNybDCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz cC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2lj ZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNy dDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgB2/4g/ Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYtDa6I2AAAEAwBHMEUCIFih kxD56iOWLk4dQPh2KTgxZy8yDoiMaYffBtnhrA3ZAiEAqdGWbcu9U8o1hX0/fKQa wlFce7SVQbPKXRCAH9X8qLwAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r OdiEcwAAAYtDa6HzAAAEAwBHMEUCIBQe6hKwApXjOVUuEs1t9yrqr2tSjbq+5VrC RVidumHXAiEAmF60XTqi33110KTG/FAH5hMWj48bmRhNe6HohKiYYfEAdwDatr9r P7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYtDa6JUAAAEAwBIMEYCIQD7 PRFbD+txybJIhmrTNIfwEuP6gy446SuN+5jXNCI5twIhAKPsJ+aCKHiiXjh/a7CY tEj0FpQ5g5vEkW14jFvTjBXdMA0GCSqGSIb3DQEBCwUAA4IBAQAEuD1LWECW8y2D n3/mUUut9qboYoPw/L8d0etsRkpnwAeRTM0lf2OWp9R0fjnN8qTyHlcvqPVQ6oce 1ASqV1XBmesaaA4OH219kd865AU+QkRczh7vGiDkhfs2sJrr0gU2YyWuruwp8ziw i/9cC77ydRmKVHNkeYso2gfJygNCmG6KCiFKy+XZPNvQ2/Dc7l4ioSh1rdK0fZqw XRHnaVaYNMvAfsQ+Se0Qdw1Fw/ZoOJo0VxSrNYoZ5BuHTspr38EMbSLl/hbU5+rB m2YPjsSZMAwbKsRR77w0Tyh3cVUG7+qpYdwGM98kaEfPwj401vHnkJ8ilbTBoEfO 9Fhtyb4e -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApZwz4L9xIhaJShh9jmcu XT0B3x6tI33tVu+pM1sf+dcnxHcI6lD//Ykv3P1UMgLoN40EfkrEggfKyFYY6mmv lOhXb1DAbxZxcJeJBApHqI+VcL+wpbJD1zzCJ9YfRdvHnjW4NTO1CngaCpQpd4NL 6h+e8C6WRl20yfHO4UY84oglIXfwSWooHmy5ogAzw//dTAMzDwwxZeGLupkhb4Wn KET0r31Q4+ZQQ23jM/8J/8gLsW+AGoId0qRoQLwVgfkqWMOfDe6KWPMeD+kFw2hM jX+fx8H2jWlcuYHZzf3husIa4reRNzKadyXGQ/tkuKKf45YSyn9RvfpIw2Jsjcb6 aweAmb/gk6lfxcpfI5VabsoT8dmXihs8PznEd7sCXYMFUK6WQp35+mDxXu+tIt47 xRUAMeh/bzRAblJCgmwk6SF665mmxd7CcOFPWx3A+wuxegToVQVte2a+3H+bnaIa HbT13ZZSOzkriG8PV+RbNxIdrgRGRCpBipvId97SJPGLKy2bldDx+PXOwrGl+wMW 9X6xNrXGcjRUHzqEOrxjR13a0RNFxbW4HOPQ3qWeWadwtws5BAcYZyGRvgHSqkxm tWDbaMW8Q79g/kHp9VfnGjXKNGoOFyFBIPBQiRrz4XM4VOmRam5NLIo90FtOjBKM Ku9JdR2eBi04zYM6pa9zlQsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13844924331156877869601104841984905323 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BKW AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api-notis.bkw.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 675630533750082155261417564653899813624062225873338762575776676643140080395169945680936681977292535437449548709547004281430489977723749420053844649342487851825762738285863413837541236814229471670777868842453292627158935139183171458382833899140249813325273293094172151289899448368452019069396034908332615410502863522815344226901219694942018491865160371437698796620819900907075489511991581392850436145509859187468505373521757732351243339311865406167655417326584161142836427948904719471403151769625788726766990075466309570736814405958863085586029844455814578770071935304842448373171335566120255872642243620186552357781783700364556996811720775221321332462281300294324064905681728283392981020769214796177223907770204876647906309282063167844938319092139525568989600572633735382172353594331862226727115727803209509942959679172216897105887238594371118845536894553121108113494357063416252988744320837321934984033756145697253903015618886851507965616756522971656136292197487252159885883419042785701683051203236522242024242921264784732468544447863348039765951065601128760632722206861006994096945898738920773471275514615786095219712576782067054172170492179681526905976716612476636492754983213379038183680113104433888598839018253826191346613064971 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6be7ed5fde85c1ff14c1615cc3e424b39f518fb5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-notis.bkw.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-notis-q.bkw.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-notis-t.bkw.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b436ba2360000040300473045022058a19310f9ea23962e4e1d40f876293831672f320e888c6987df06d9e1ac0dd9022100a9d1966dcbbd53ca35857d3f7ca41ac2515c7bb49541b3ca5d10801fd5fca8bc00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b436ba1f300000403004730450220141eea12b00295e339552e12cd6df72aeaaf6b528dbabee55ac245589dba61d7022100985eb45d3aa2df7d75d0a4c6fc5007e613168f8f1b99184d7ba1e884a89861f1007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b436ba2540000040300483046022100fb3d115b0feb71c9b248866ad33487f012e3fa832e38e92b8dfb98d7342239b7022100a3ec27e6822878a25e387f6bb098b448f4169439839bc4916d788c5bd38c15dd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0004b83d4b584096f32d839f7fe6514badf6a6e86283f0fcbf1dd1eb6c464a67c007914ccd257f6396a7d4747e39cdf2a4f21e572fa8f550ea871ed404aa5755c199eb1a680e0e1f6d7d91df3ae4053e42445cce1eef1a20e485fb36b09aebd205366325aeaeec29f338b08bff5c0bbef275198a547364798b28da07c9ca0342986e8a0a214acbe5d93cdbd0dbf0dcee5e22a12875add2b47d9ab05d11e769569834cbc07ec43e49ed10770d45c3f668389a345714ab358a19e41b874eca6bdfc10c6d22e5fe16d4e7eac19b660f8ec499300c1b2ac451efbc344f2877715506efeaa961dc0633df246847cfc23e34d6f1e7909f2295b4c1a047cef4586dc9be1e