node21.webauthn.eduid.ch
- SWITCH -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 06:79:48:6c:a3:62:1d:a1:5a:cd:cd:45:fe:ea:08:63 was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
SWITCH
Organization:
SWITCH
State / Province:
Zürich
Locality: Zürich
Country: CH
Locality: Zürich
Country: CH
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:79:48:6c:a3:62:1d:a1:5a:cd:cd:45:fe:ea:08:63Serial Number (int): 8605104835289895097592407204718839907
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: bc:76:7e:5d:94:8b:8b:0c:14:9d:8f:e2:0c:fc:94:2d:31:5e:a2:44
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): 60:e7:cd:07:2b:16:65:6a:9e:bc:10:e2:81:7e:07:c9:7d:72:2a:05
Fingerprint (sha256): 09:d9:43:5e:a8:4f:5b:82:bd:95:ea:83:e9:fc:ce:48:7f:57:0c:dd:15:cf:14:24:a1:21:ba:0e:72:16:aa:04
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate node21.webauthn.eduid.ch
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for node21.webauthn.eduid.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
node21.webauthn.eduid.ch
oak21.switch.ch
webauthn.eduid.ch
oak21.switch.ch
webauthn.eduid.ch
Other certificates including the domain name eduid.ch
(limited to 100 certificates)
io.gdi.lenovo.com
node1.login.test.eduid.ch
status.republic.com
node21.webauthn.eduid.ch
login.eduid.ch
login.test.eduid.ch
idp-db.eduid.ch
login.test.eduid.ch
idp-db.test.eduid.ch
altastatus.us.veritas.com
status.republic.com
login.test.eduid.ch
login.eduid.ch
status.greenewx.com
test.login.eduid.ch
login.eduid.ch
node2.lb.trid.switch.ch
node2.lb.trid.switch.ch
login.eduid.ch
login.staging.eduid.ch
status.admiresty.co
idp-db.eduid.ch
login.staging.eduid.ch
uern.d5n.is
aai-login.eduid.ch
node1.lb.trid.switch.ch
status.alogna.co.ao
mfa.test.eduid.ch
login.test.eduid.ch
status.conpds.com
status.conpds.com
login.eduid.ch
login.eduid.ch
status.greenewx.com
eduid.ch
ap-api-fernuni.test.eduid.ch
uern.d5n.is
login.test.eduid.ch
cinc-status.tkelevator.com
comanagetest.eduid.ch
status.linkmanager.ai
status-v3.knowledgeforce.com
status.h2.tc
io.gdi.lenovo.com
idp-db.test.eduid.ch
status.greenewx.com
node2.lb.trid.switch.ch
login.eduid.ch
node2.lb.trid.switch.ch
status.greenewx.com
api.eduid.ch
eduid.ch
status.huntervoip.com.br
status.linkmanager.ai
switch.login.staging.eduid.ch
zhaw.login.staging.eduid.ch
login.staging.eduid.ch
login.eduid.ch
dun.im.4pple.org
status.alam.earth
login.eduid.ch
eduid.ch
proxy-login.eduid.ch
node2.lb.trid.switch.ch
status.republic.com
ldap-slave1.test.eduid.ch
status.sumex.ch
status.linkmanager.ai
login.staging.eduid.ch
status.linkmanager.ai
status.greenewx.com
status.linkmanager.ai
proxy-login.eduid.ch
node2.login.test.eduid.ch
login.test.eduid.ch
proxy-login.eduid.ch
mfa.eduid.ch
login.eduid.ch
altastatus.us.veritas.com
eduid.ch
ldap-slave1.eduid.ch
login.test.eduid.ch
login.test.eduid.ch
io.gdi.lenovo.com
login.test.eduid.ch
status.conpds.com
altastatus.us.veritas.com
status.linkmanager.ai
test.eduid.ch
io.gdi.lenovo.com
unisg.login.staging.eduid.ch
status.huntervoip.com.br
status.nicksaude.com.br
malincdb.switch.ch
uern.d5n.is
node1.lb.trid.switch.ch
cinc-status.tkelevator.com
api.test.eduid.ch
status.greenewx.com
status.linkmanager.ai
node1.login.test.eduid.ch
status.republic.com
node21.webauthn.eduid.ch
login.eduid.ch
login.test.eduid.ch
idp-db.eduid.ch
login.test.eduid.ch
idp-db.test.eduid.ch
altastatus.us.veritas.com
status.republic.com
login.test.eduid.ch
login.eduid.ch
status.greenewx.com
test.login.eduid.ch
login.eduid.ch
node2.lb.trid.switch.ch
node2.lb.trid.switch.ch
login.eduid.ch
login.staging.eduid.ch
status.admiresty.co
idp-db.eduid.ch
login.staging.eduid.ch
uern.d5n.is
aai-login.eduid.ch
node1.lb.trid.switch.ch
status.alogna.co.ao
mfa.test.eduid.ch
login.test.eduid.ch
status.conpds.com
status.conpds.com
login.eduid.ch
login.eduid.ch
status.greenewx.com
eduid.ch
ap-api-fernuni.test.eduid.ch
uern.d5n.is
login.test.eduid.ch
cinc-status.tkelevator.com
comanagetest.eduid.ch
status.linkmanager.ai
status-v3.knowledgeforce.com
status.h2.tc
io.gdi.lenovo.com
idp-db.test.eduid.ch
status.greenewx.com
node2.lb.trid.switch.ch
login.eduid.ch
node2.lb.trid.switch.ch
status.greenewx.com
api.eduid.ch
eduid.ch
status.huntervoip.com.br
status.linkmanager.ai
switch.login.staging.eduid.ch
zhaw.login.staging.eduid.ch
login.staging.eduid.ch
login.eduid.ch
dun.im.4pple.org
status.alam.earth
login.eduid.ch
eduid.ch
proxy-login.eduid.ch
node2.lb.trid.switch.ch
status.republic.com
ldap-slave1.test.eduid.ch
status.sumex.ch
status.linkmanager.ai
login.staging.eduid.ch
status.linkmanager.ai
status.greenewx.com
status.linkmanager.ai
proxy-login.eduid.ch
node2.login.test.eduid.ch
login.test.eduid.ch
proxy-login.eduid.ch
mfa.eduid.ch
login.eduid.ch
altastatus.us.veritas.com
eduid.ch
ldap-slave1.eduid.ch
login.test.eduid.ch
login.test.eduid.ch
io.gdi.lenovo.com
login.test.eduid.ch
status.conpds.com
altastatus.us.veritas.com
status.linkmanager.ai
test.eduid.ch
io.gdi.lenovo.com
unisg.login.staging.eduid.ch
status.huntervoip.com.br
status.nicksaude.com.br
malincdb.switch.ch
uern.d5n.is
node1.lb.trid.switch.ch
cinc-status.tkelevator.com
api.test.eduid.ch
status.greenewx.com
status.linkmanager.ai
Certificate
The complete raw certificate details for node21.webauthn.eduid.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIBDCCBuygAwIBAgIQBnlIbKNiHaFazc1F/uoIYzANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx MTA0MDAwMDAwWhcNMjQwMjAyMjM1OTU5WjBlMQswCQYDVQQGEwJDSDEQMA4GA1UE CAwHWsO8cmljaDEQMA4GA1UEBwwHWsO8cmljaDEPMA0GA1UEChMGU1dJVENIMSEw HwYDVQQDExhub2RlMjEud2ViYXV0aG4uZWR1aWQuY2gwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQDooTBcOhuGEcINJ4vSKMEx2om2TRM+rJQNUWtJsw6W GbUXWUDAqmmS0afeM5eOfd3rtVWwL3Bs1jyzV/j91FLcYMXDfcHhNgBs+sUIKSYO 2VurauoY2TRwTIHvoZlZt1uQhh5ANEhOQMWqi4nE/iPBRrXEbG9Hc/97LGskz9+4 7olMpOPMpLoNUSY3iS2jLyd0bZ7RH98t1Xh2AfBVduDV60DjwFB8B2bpytb7Czfi XR5yeXX9j7A1CGdxfyO9iopfYIQPeafeFPMKHpo6UbzKDYxKhD7h/KeEVkj49hBs Ha7J2nZOEcoef7Q5wC+AnfbFWqz+aLB+slr7mE9J5jB6BRbynZipi+Pab0D6bWx3 h6RXpl1/vJ9LT7Gd2rUydBOO2hwuSEwDDqztiSPm+DTSi4lLKcRguCzAsooGd7bY CXDEkjLPNEHwzNKX9GkalGDxYFWuKaN4c2w0nzB36buXQ4qTM+uxsYNWXOPuSIxk 1+kJoRCxq+peWmgabcuWP2KWUd3bfZEF5ccv6qd4MPp+VoXQByhbKF6e/6GKxDnx qaXYMMxiyvVACUcc4G875OIeupz5eRQNDumaxaO6xjCT0LJlp6OucdncZWGn56ML WH5dtrNCOVyTCJQOm1CVhqphGijgqKHkLgGNTVr0qeoLAdrgmXgA5kr+SaNS8xwV WwIDAQABo4IDujCCA7YwHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcw HQYDVR0OBBYEFLx2fl2Ui4sMFJ2P4gz8lC0xXqJEMEcGA1UdEQRAMD6CGG5vZGUy MS53ZWJhdXRobi5lZHVpZC5jaIIPb2FrMjEuc3dpdGNoLmNoghF3ZWJhdXRobi5l ZHVpZC5jaDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRw Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRw Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1 NjIwMjBDQTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9E aWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYB BQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w UQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy dEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAA MIIBgAYKKwYBBAHWeQIEAgSCAXAEggFsAWoAdwDuzdBk1dsazsVct520zROiModG fLzs3sNRSFlGcR+1mwAAAYuXqFyVAAAEAwBIMEYCIQCREbcCjWY37ogPfP74pmQE aRcthECoiPfKTd1EtTbvrwIhAOPfoxUJJG3I8dOFNj4K470ugwu2U4ymOE7R6eir FsBuAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGLl6hcNQAA BAMARzBFAiBkJwcwJFxi5TjtZG7jwg79y7boFa2Hi4OiKi7pBxVQ8QIhAPccXYfe tpaG5V5fNtzFOTxcFexDjjUg5Vz37j+L/im0AHcA2ra/az+1tiKfm8K7XGvocJFx bLtRhIU0vaQ9MEjX+6sAAAGLl6hcHwAABAMASDBGAiEAlrzLsvdgQUOBXDnqq+EE b+tX8DDvqsQIsQcczisPXfACIQCBWCzu4jDZCodoLukKHKLbhnbUebyH1QS08ps1 mBrhbTANBgkqhkiG9w0BAQsFAAOCAQEAc753S9jJZqrxkFOmd49qfYPo9exsyCT7 jU2g+TzQQQp5et+Sb4nqbvTUXxJgU+aFWUDhoTAyPC+uk+0FqAObgUxAulK4ijS3 h1nNgR5iQ65kRlJwDjdBrde3WsVVWak9y6N9e725RSFgUpILp1AkDy8Nwv55asb8 APIvhgjn5Cvs1jAZzpQeB9EnUVQ9wYQEmMHyVWkp+Z30yTnk82MTzUuiXYJbEgN4 fg2nMPKsBMU7D7N+wxeK55Gz5kCQW4154ZzjPEoHa0sNq2mDqw9JXjWFCNq/ZQmQ JnlIml5nVMnZbSBTKP2xKzcvNeGx6XeAUthHR4k1aMsIUEJ9eOGoQg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6KEwXDobhhHCDSeL0ijB MdqJtk0TPqyUDVFrSbMOlhm1F1lAwKppktGn3jOXjn3d67VVsC9wbNY8s1f4/dRS 3GDFw33B4TYAbPrFCCkmDtlbq2rqGNk0cEyB76GZWbdbkIYeQDRITkDFqouJxP4j wUa1xGxvR3P/eyxrJM/fuO6JTKTjzKS6DVEmN4ktoy8ndG2e0R/fLdV4dgHwVXbg 1etA48BQfAdm6crW+ws34l0ecnl1/Y+wNQhncX8jvYqKX2CED3mn3hTzCh6aOlG8 yg2MSoQ+4fynhFZI+PYQbB2uydp2ThHKHn+0OcAvgJ32xVqs/miwfrJa+5hPSeYw egUW8p2YqYvj2m9A+m1sd4ekV6Zdf7yfS0+xndq1MnQTjtocLkhMAw6s7Ykj5vg0 0ouJSynEYLgswLKKBne22AlwxJIyzzRB8MzSl/RpGpRg8WBVrimjeHNsNJ8wd+m7 l0OKkzPrsbGDVlzj7kiMZNfpCaEQsavqXlpoGm3Llj9illHd232RBeXHL+qneDD6 flaF0AcoWyhenv+hisQ58aml2DDMYsr1QAlHHOBvO+TiHrqc+XkUDQ7pmsWjusYw k9CyZaejrnHZ3GVhp+ejC1h+XbazQjlckwiUDptQlYaqYRoo4Kih5C4BjU1a9Knq CwHa4Jl4AOZK/kmjUvMcFVsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8605104835289895097592407204718839907 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zürich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zürich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SWITCH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'node21.webauthn.eduid.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 949046147879822399980565482175987729941580312122528232211675564681495548444903577425733222660331063170639032239751136531792662363500756950977957720263793106221020194778589714865015470011722954376206892399487606800855643053263427739257415829072400053856239899302916941348584786429327879340620256305404050088692195436370951632786981701804886447776780324974503680677122862602158775630250161086172080604640261047181132637325101322827446121866234126113175338414935837835279774933146394490964267408928198934374419490261011308309190457138524400505561009364086026789207409208301119877129208290096835304025440956754476710645735002935173524163333512616316031611040811608979408498881503910384905445435595178195377506707197790146759594014628597135961719718015559944478528003098580026751183696664192930384494346730349852367022080922825070786159478480832907769289626898215817118354374655915231760341285635601093506126683213017854503879558047081766181623829660756495400649387515788328884548350897207237154375187404173401453565999538292858335526367663709822162700427308763083867072617136310310613780462155011798326612436725634476723881472953092186267642611220684665408509764453711328978712945157470452617731920915940631873911811035898417874351166811 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bc767e5d948b8b0c149d8fe20cfc942d315ea244 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'node21.webauthn.eduid.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oak21.switch.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webauthn.eduid.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b97a85c9500000403004830460221009111b7028d6637ee880f7cfef8a6640469172d8440a888f7ca4ddd44b536efaf022100e3dfa31509246dc8f1d385363e0ae3bd2e830bb6538ca6384ed1e9e8ab16c06e00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b97a85c350000040300473045022064270730245c62e538ed646ee3c20efdcbb6e815ad878b83a22a2ee9071550f1022100f71c5d87deb69686e55e5f36dcc5393c5c15ec438e3520e55cf7ee3f8bfe29b4007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b97a85c1f000004030048304602210096bccbb2f7604143815c39eaabe1046feb57f030efaac408b1071cce2b0f5df002210081582ceee230d90a87682ee90a1ca2db8676d479bc87d504b4f29b35981ae16d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0073be774bd8c966aaf19053a6778f6a7d83e8f5ec6cc824fb8d4da0f93cd0410a797adf926f89ea6ef4d45f126053e6855940e1a130323c2fae93ed05a8039b814c40ba52b88a34b78759cd811e6243ae644652700e3741add7b75ac55559a93dcba37d7bbdb945216052920ba750240f2f0dc2fe796ac6fc00f22f8608e7e42becd63019ce941e07d12751543dc1840498c1f2556929f99df4c939e4f36313cd4ba25d825b1203787e0da730f2ac04c53b0fb37ec3178ae791b3e640905b8d79e19ce33c4a076b4b0dab6983ab0f495e358508dabf6509902679489a5e6754c9d96d205328fdb12b372f35e1b1e9778052d84747893568cb0850427d78e1a842