giftcard-q.kaufland.com

- Kaufland Stiftung & Co. KG -

Issued by SwissSign RSA TLS EV ICA 2021 - 1

About this certificate

This digital certificate with serial number 14:1b:7f:9c:64:96:05:f8:b8:41:29:6d:d3:00:5a:e7:ca:a6:1d:55 was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Kaufland Stiftung & Co. KG

Company registration number: HRA 102851
Organization: Kaufland Stiftung & Co. KG
Address: Rötelstr. 35
Postal code: 74172
State / Province: BW
Locality: Neckarsulm
Country: DE

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 14:1b:7f:9c:64:96:05:f8:b8:41:29:6d:d3:00:5a:e7:ca:a6:1d:55
Serial Number (int): 114793052014901455752136914329892418612883758421
Serial Number lenght: 157 bits, 20 octets

SubjectKeyId: 29:fe:1c:f6:57:bd:2e:af:72:7a:9a:15:07:cc:28:e8:5c:4e:7a:61
AuthorityKeyId: da:34:d4:8e:10:23:f4:6a:2d:6c:b4:1f:f3:28:11:de:5e:01:c4:de

Fingerprint (sha1): 5d:d3:fb:35:29:0d:76:d9:c6:5f:c0:41:08:e3:5f:a6:ec:49:5a:74
Fingerprint (sha256): 0c:2d:b5:b8:aa:a1:6b:d5:6e:fa:f9:3b:82:dc:6a:b6:f0:8f:89:4e:aa:73:a1:db:94:32:08:59:3b:c3:32:d4

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE

Revocation information

OCSP Server: http://ocsp.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE
CRL Distribution Point: http://crl.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE
CRL Distribution Point: ldap://directory.swisssign.net/CN=DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate giftcard-q.kaufland.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for giftcard-q.kaufland.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

giftcard-q.kaufland.com
www.giftcard-q.kaufland.com

Other certificates including the domain name kaufland.com

(limited to 100 certificates)
iqpim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
media.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
ssl2.ipaper.io
mobsot02.kaufland.com
ssl.ipaper.io
pim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
at2-ssl-client-fi-hcm.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
portal.eu.kaufland.com
qs2-ssl-client-fi-hcm.kaufland.com
iapim.kaufland.com
kaufland-blumen.de
asset.kaufland.com
*.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
remote.au.kaufland.com
www-pc.kaufland.com
ssl3.ipaper.io
ssl2.ipaper.io
ssl2.ipaper.io
*.ipaper.io
media-q.kaufland.com
media.kaufland.com
se1-ucexe-p011.uc.schwarz
ssl.ipaper.io
ssl3.ipaper.io
ssl2.ipaper.io
*.ipaper.io
test-hr-portal.kaufland.com
portal.eu.kaufland.com
www-ac.kaufland.com
giftcard-q.kaufland.com
portal.eu.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
www-q.kaufland.com
connect-app.kaufland.com
ssl.ipaper.io
media.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
ssl2.ipaper.io
ssl.ipaper.io
*.leaflets.kaufland.com
media.kaufland.com
iqpim.kaufland.com
assets.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
*.ipaper.io
filex-test.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
jobs.kaufland.com
secmail.kaufland.com
account.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
*.ipaper.io
webassets.kaufland.com
account.kaufland.com
www-ec.kaufland.com
asset.kaufland.com
*.leaflets.kaufland.com
account-qs.kaufland.com
*.kaufland.com
www-fc.kaufland.com
kauf.land
*.ipaper.io
www-p.kaufland.com
kaufland.com
*.ipaper.io
ssl2.ipaper.io
dam.kaufland.com
se1-ucexe-p013.uc.schwarz
remote.cz.kaufland.com
www-q.kaufland.com
www-ac.kaufland.com
*.ipaper.io
mobsot.kaufland.com
*.ipaper.io
ssl.ipaper.io
eu.limo.remote.schwarz
jobs.kaufland.com
doa.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
www-q.kaufland.com
remote.eu.kaufland.com
ssl.ipaper.io
www-qc.kaufland.com
www-pc.kaufland.com

Certificate

The complete raw certificate details for giftcard-q.kaufland.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH/jCCBeagAwIBAgIUFBt/nGSWBfi4QSlt0wBa58qmHVUwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgRVYgSUNBIDIwMjEgLSAxMB4XDTIyMTIxMzE2
MDMxMVoXDTIzMTIxMzE2MDMxMVowggEYMRMwEQYLKwYBBAGCNzwCAQMTAkRFMRMw
EQYLKwYBBAGCNzwCAQITAkJXMRowGAYLKwYBBAGCNzwCAQETCVN0dXR0Z2FydDET
MBEGA1UEBRMKSFJBIDEwMjg1MTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xCzAJBgNVBAYTAkRFMQswCQYDVQQIEwJCVzETMBEGA1UEBxMKTmVja2Fyc3Vs
bTEOMAwGA1UEERMFNzQxNzIxFjAUBgNVBAkMDVLDtnRlbHN0ci4gMzUxIzAhBgNV
BAoMGkthdWZsYW5kIFN0aWZ0dW5nICYgQ28uIEtHMSAwHgYDVQQDExdnaWZ0Y2Fy
ZC1xLmthdWZsYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANrh4+Y2KtXXvl7WkZkgxpMUfacpVAFPUgIBAoFba3o9uBt3SFfh8zcXLqjv4CCU
nHFqc656RBhEbtlompMXADccxR8iUanPMux4leMYx1hvAsA3mbLUBLcMtlCeSGgD
3OigvFHK3nHTDhs8FeU9rFEvYJ7q7FE12b/MqzAgtrAdPjVeIi7QmMIogP7cVMf2
Ku1u3ACwkiYrHWbrBZ5M4JY/nyWaSCzu6FwFbJek+LpHxu5GRG6CKobieQ9TZc8/
3KBgsy/O8YDyAfBBiyuqxIvlYsTz0QhSX34MFrb+MnRMB7k21HLwBBt+1QSuNG0G
lSCcXinKp6tYGoE5XZARsWMCAwEAAaOCAwQwggMAMD8GA1UdEQQ4MDaCF2dpZnRj
YXJkLXEua2F1ZmxhbmQuY29tght3d3cuZ2lmdGNhcmQtcS5rYXVmbGFuZC5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAd
BgNVHQ4EFgQUKf4c9le9Lq9yepoVB8wo6FxOemEwHwYDVR0jBBgwFoAU2jTUjhAj
9GotbLQf8ygR3l4BxN4wgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5z
d2lzc3NpZ24ubmV0L0RBMzRENDhFMTAyM0Y0NkEyRDZDQjQxRkYzMjgxMURFNUUw
MUM0REUwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQv
Q049REEzNEQ0OEUxMDIzRjQ2QTJENkNCNDFGRjMyODExREU1RTAxQzRERSUyQ089
U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/
b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwbgYDVR0gBGcwZTBQBghg
hXQBWQIBAzBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3Nz
aWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwCAYGBACPegEEMAcGBWeBDAEB
MIHGBggrBgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2ln
bi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvREEzNEQ0OEUxMDIzRjQ2
QTJENkNCNDFGRjMyODExREU1RTAxQzRERTBOBggrBgEFBQcwAYZCaHR0cDovL29j
c3Auc3dpc3NzaWduLm5ldC9EQTM0RDQ4RTEwMjNGNDZBMkQ2Q0I0MUZGMzI4MTFE
RTVFMDFDNERFMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IC
AQBMdY5j8C2koTjzgQlW3zJVUCsnf6ZCDC5T7Hk8KaRBrezPfgdelWZJsKBMK+Nk
r+749P+HwipMOHMsl5dRKr8jSyBukgIEJe+1zU+To9r8gS872H8xtMzhZ1KRHA6+
is/ibMmtLKXDhqockDNodO2sHdlQ4NhymlFbjGqvp5czMVmH4q2B0kTUiAepyVLI
n6/aCvFd0/tV/r8uZEKvyGZvP+fFLfv4HQYYth/52UAvdTz04ExkldWfLhCaHeV1
JP/fml15vFRoyRWhlfx38sgxciZic/jqsNUlFPMm0FURD6t1wP7gIoVGeAPVGVip
9+cuLMVlxvxgFt7WcS766kBb+ERFl6dZS9ZdHSFN6CpT3g+mkAPyn8scEdmsvOMo
rBTHHafb81QGf1QZh4JRfXqelVoy4ZP4H6Fj+hNK7SxW095EnTXKHk/jKpCPSkWj
GPnaXSje1+o3uU3yJogcWAXbGU2QBR44jB/AYCeRvjvynUcTdFKF6YvsjIM/e6+T
a39+P2sTuurUZO76/xtf4JkSVLLV/aKHkUg6MicbrZp8YINWC7G/T4k2oSbnLPrU
tJ8qnBcln/JtmENemRMuEUSZ8YB3ayT59Y+NqxSsJZe7VMv2yf1QJanAqER+fZwH
0Lal/T6+KgSM/JMO+DokS+MlL5FKFzr9hha5i80K7hB+FA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uHj5jYq1de+XtaRmSDG
kxR9pylUAU9SAgECgVtrej24G3dIV+HzNxcuqO/gIJSccWpzrnpEGERu2WiakxcA
NxzFHyJRqc8y7HiV4xjHWG8CwDeZstQEtwy2UJ5IaAPc6KC8UcrecdMOGzwV5T2s
US9gnursUTXZv8yrMCC2sB0+NV4iLtCYwiiA/txUx/Yq7W7cALCSJisdZusFnkzg
lj+fJZpILO7oXAVsl6T4ukfG7kZEboIqhuJ5D1Nlzz/coGCzL87xgPIB8EGLK6rE
i+VixPPRCFJffgwWtv4ydEwHuTbUcvAEG37VBK40bQaVIJxeKcqnq1gagTldkBGx
YwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 114793052014901455752136914329892418612883758421
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS EV ICA 2021 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-13 16:03:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-13 16:03:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BW'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRA 102851'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BW'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Neckarsulm'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '74172'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rötelstr. 35'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Kaufland Stiftung & Co. KG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'giftcard-q.kaufland.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27631341107338921402022560455490180114165222260549312570572611483326949284776974785151481872250901615253653893755288508511435824533889253323136220268818973840299031512958046896908481899418613087444669266794754518295042695402972884385042916474666131546341011427864430874366907499625704471323168052754644149172266538548334328072755333235026670405010100517348889651052902844037538283801945548265521078116333936301406924295484768770269782592568528148015237503382607549540742506475112162847727930105010987947859392720541676972466815835044453974040955406383541382565207234344902967870360308679834006698138913150106254553443
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giftcard-q.kaufland.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.giftcard-q.kaufland.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							29fe1cf657bd2eaf727a9a1507cc28e85c4e7a61
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName da34d48e1023f46a2d6cb41ff32811de5e01c4de
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.3
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		004c758e63f02da4a138f3810956df3255502b277fa6420c2e53ec793c29a441adeccf7e075e956649b0a04c2be364afeef8f4ff87c22a4c38732c9797512abf234b206e92020425efb5cd4f93a3dafc812f3bd87f31b4cce16752911c0ebe8acfe26cc9ad2ca5c386aa1c90336874edac1dd950e0d8729a515b8c6aafa79733315987e2ad81d244d48807a9c952c89fafda0af15dd3fb55febf2e6442afc8666f3fe7c52dfbf81d0618b61ff9d9402f753cf4e04c6495d59f2e109a1de57524ffdf9a5d79bc5468c915a195fc77f2c83172266273f8eab0d52514f326d055110fab75c0fee02285467803d51958a9f7e72e2cc565c6fc6016ded6712efaea405bf8444597a7594bd65d1d214de82a53de0fa69003f29fcb1c11d9acbce328ac14c71da7dbf354067f54198782517d7a9e955a32e193f81fa163fa134aed2c56d3de449d35ca1e4fe32a908f4a45a318f9da5d28ded7ea37b94df226881c5805db194d90051e388c1fc0602791be3bf29d4713745285e98bec8c833f7baf936b7f7e3f6b13baead464eefaff1b5fe0991254b2d5fda28791483a32271bad9a7c6083560bb1bf4f8936a126e72cfad4b49f2a9c17259ff26d98435e99132e114499f180776b24f9f58f8dab14ac2597bb54cbf6c9fd5025a9c0a8447e7d9c07d0b6a5fd3ebe2a048cfc930ef83a244be3252f914a173afd8616b98bcd0aee107e14