tlmobile.postfinance.ch
- PostFinance AG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 6d:68:8e:aa:45:df:b1:95:ab:10:54:df:90:f7:b4:00:da:e7:1d:bb was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
PostFinance AG
Organization:
PostFinance AG
State / Province:
BE
Locality: Bern
Country: CH
Locality: Bern
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 6d:68:8e:aa:45:df:b1:95:ab:10:54:df:90:f7:b4:00:da:e7:1d:bbSerial Number (int): 624611699405928595215745209805742606123039923643
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 8c:14:ba:ff:ec:40:13:4c:69:2a:86:04:f5:e2:a2:9c:60:39:1f:76
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 1b:04:5b:dd:f5:e7:0c:fa:fe:4f:fc:ef:09:e7:21:de:f7:b4:34:e4
Fingerprint (sha256): 0e:c1:03:2f:da:24:4e:67:78:5a:13:6a:13:69:7a:bc:dd:69:0c:08:3b:25:f2:de:64:4e:44:fc:81:87:a4:84
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate tlmobile.postfinance.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tlmobile.postfinance.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tlmobile.postfinance.ch
telemetry.postfinance.ch
telemetry.postfinance.ch
Other certificates including the domain name postfinance.ch
(limited to 100 certificates)
www.postfinance.ch
e-archiv.postfinance.ch
aliasreg.postfinance.ch
e-finance.postfinance.ch
jobs.postfinance.ch
pfportalmo.postfinance.ch
csgw-test.postfinance.ch
proof.doc-shop.postfinance.ch
commercioestero.postfinance.ch
egw-test.postfinance.ch
e-payment.postfinance.ch
pfsb-admin-test.postfinance.ch
sventest.postfinance.ch
claims.versicherungen.postfinance.ch
youth.postfinance.ch
pfportalext-test.postfinance.ch
sgtm.postfinance.ch
sipskypebe.post.ch
partnerteststatus.postfinance.ch
pfsb-admin-test.postfinance.ch
smartbusiness.postfinance.ch
onlinehypothek-test.postfinance.ch
www-poc-test.postfinance.ch
plano.postfinance.ch
mapps-test.postfinance.ch
www.wcm-test.postfinance.ch
www.doc-shop.postfinance.ch
testplattform.postfinance.ch
oauth.postfinance.ch
privatkredit-peprod.postfinance.ch
www.postfinance.ch
ok-api-test.postfinance.ch
dev.plusfinance.postfinance.ch
outlook.post.ch
benefit.postfinance.ch
egw.postfinance.ch
versicherungen.postfinance.ch
bqztyw.postfinance.ch
ebics-test.postfinance.ch
sventest.postfinance.ch
pfsb-test.postfinance.ch
universal-t2.postfinance.ch
egw-test.postfinance.ch
3dsec.postfinance.ch
dev.tilbago.postfinance.ch
partnerteststatus.postfinance.ch
pfportalmo.postfinance.ch
sipskypebe.post.ch
ep2test2.postfinance.ch
dev.young.postfinance.ch
tilbago.postfinance.ch
statusitservices.postfinance.ch
events-test.postfinance.ch
digitalpfc.int.postfinance.ch
pfportalmo-test.postfinance.ch
sventest.postfinance.ch
survalyzer.postfinance.ch
pizzaportfolio.postfinance.ch
m.commercioestero.postfinance.ch
rivista.postfinance.ch
ai.ep2.postfinance.ch
ef-t2.postfinance.ch
jira-dev.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
sandbox1.postfinance.ch
tlmobile.postfinance.ch
sandbox1.postfinance.ch
collector-test.postfinance.ch
mapps-test.postfinance.ch
sventest.postfinance.ch
egw.postfinance.ch
hosting.postfinance.ch
nladh-t2.postfinance.ch
aussenhandel.postfinance.ch
plano.postfinance.ch
epayment.postfinance.ch
yellowpay.postfinance.ch
universal.postfinance.ch
nlsec.postfinance.ch
challengethefuture.postfinance.ch
skypeweb.post.ch
pfsb.postfinance.ch
plano.postfinance.ch
pfportalmo.postfinance.ch
events-test.postfinance.ch
csgw-t2.postfinance.ch
ep2test.postfinance.ch
epayment-test.postfinance.ch
dev.magazine.postfinance.ch
mapps.postfinance.ch
ef-t2.postfinance.ch
universal.postfinance.ch
meet.post.ch
young.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
pfportalmo-test.postfinance.ch
e-trading.postfinance.ch
www-test.postfinance.ch
e-archiv.postfinance.ch
aliasreg.postfinance.ch
e-finance.postfinance.ch
jobs.postfinance.ch
pfportalmo.postfinance.ch
csgw-test.postfinance.ch
proof.doc-shop.postfinance.ch
commercioestero.postfinance.ch
egw-test.postfinance.ch
e-payment.postfinance.ch
pfsb-admin-test.postfinance.ch
sventest.postfinance.ch
claims.versicherungen.postfinance.ch
youth.postfinance.ch
pfportalext-test.postfinance.ch
sgtm.postfinance.ch
sipskypebe.post.ch
partnerteststatus.postfinance.ch
pfsb-admin-test.postfinance.ch
smartbusiness.postfinance.ch
onlinehypothek-test.postfinance.ch
www-poc-test.postfinance.ch
plano.postfinance.ch
mapps-test.postfinance.ch
www.wcm-test.postfinance.ch
www.doc-shop.postfinance.ch
testplattform.postfinance.ch
oauth.postfinance.ch
privatkredit-peprod.postfinance.ch
www.postfinance.ch
ok-api-test.postfinance.ch
dev.plusfinance.postfinance.ch
outlook.post.ch
benefit.postfinance.ch
egw.postfinance.ch
versicherungen.postfinance.ch
bqztyw.postfinance.ch
ebics-test.postfinance.ch
sventest.postfinance.ch
pfsb-test.postfinance.ch
universal-t2.postfinance.ch
egw-test.postfinance.ch
3dsec.postfinance.ch
dev.tilbago.postfinance.ch
partnerteststatus.postfinance.ch
pfportalmo.postfinance.ch
sipskypebe.post.ch
ep2test2.postfinance.ch
dev.young.postfinance.ch
tilbago.postfinance.ch
statusitservices.postfinance.ch
events-test.postfinance.ch
digitalpfc.int.postfinance.ch
pfportalmo-test.postfinance.ch
sventest.postfinance.ch
survalyzer.postfinance.ch
pizzaportfolio.postfinance.ch
m.commercioestero.postfinance.ch
rivista.postfinance.ch
ai.ep2.postfinance.ch
ef-t2.postfinance.ch
jira-dev.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
sandbox1.postfinance.ch
tlmobile.postfinance.ch
sandbox1.postfinance.ch
collector-test.postfinance.ch
mapps-test.postfinance.ch
sventest.postfinance.ch
egw.postfinance.ch
hosting.postfinance.ch
nladh-t2.postfinance.ch
aussenhandel.postfinance.ch
plano.postfinance.ch
epayment.postfinance.ch
yellowpay.postfinance.ch
universal.postfinance.ch
nlsec.postfinance.ch
challengethefuture.postfinance.ch
skypeweb.post.ch
pfsb.postfinance.ch
plano.postfinance.ch
pfportalmo.postfinance.ch
events-test.postfinance.ch
csgw-t2.postfinance.ch
ep2test.postfinance.ch
epayment-test.postfinance.ch
dev.magazine.postfinance.ch
mapps.postfinance.ch
ef-t2.postfinance.ch
universal.postfinance.ch
meet.post.ch
young.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
pfportalmo-test.postfinance.ch
e-trading.postfinance.ch
www-test.postfinance.ch
Certificate
The complete raw certificate details for tlmobile.postfinance.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHgzCCBWugAwIBAgIUbWiOqkXfsZWrEFTfkPe0ANrnHbswDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDYwNjA2 MDI0MVoXDTI1MDYwNjA2MDI0MVowZDELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF MQ0wCwYDVQQHDARCZXJuMRcwFQYDVQQKDA5Qb3N0RmluYW5jZSBBRzEgMB4GA1UE AxMXdGxtb2JpbGUucG9zdGZpbmFuY2UuY2gwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQCacxcvK3HUxu8x2792huTIzVM6stpPkUInUFEjdoSrlO/U3u0D Nndw1+w1U3qUp/TirPgQv59bR8as9iMHB2EIpjaQvCPAcQe3xWFgDX28s46TXr7d rNhvWwVLXEKKwyvZz+bpt+5hTDSIHwdzajLXbJ8Nj6qWwOTCvvxJ0kyvzCHfgozE tuGJnuU6KSc+sMl8xxViWfE930utc1LTGvOuNUSaGYBvEVbR/wMM+QlW1TGgIzPt unKUvemEh2CzQGg0CLSjj1uNvZIwuuhGoQ30n/+iGjIIYuBDJdp65NKe4O1oW4x9 HpjulkVYOXkCpFcv8QmUxKqgXi+pj0vpCY2uWwRBNxVFdwmjmJwdeH44w2NOD3G+ pKY1TChlPSMt7eOdUkfzrjl6hvKNqylAOMLjLgJRqZ3EUH6jN3QSks6RcUQwXKYd Q+qdKLEnnAyKGPk1M287uun0G33WGH6KdpKWle3ab/HyIAmaagAvzzioAQZsrOHV 0Y1ZHuEWKQFqYvX5bva3Q62PxmJG1mn6jdTs8Ncw6phQ/EqbMOVJ/oGBcRn5wSsW NmeMf+nxERH4QRncrPLrvusXC8yXmUcLbtDkdVsxej5cGP5+0e2RBhhJlr1zkl2A jx/m4pFYhumGeOWuEihWcyVqs/imPAb+e0bUrYMY7oZtQZ1OVykyMZhxlQIDAQAB o4ICPzCCAjswgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRwOi8v YWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5YTUtZGQzNy00OGM5LWE4NWItMTJh Y2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24uY2gv c2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVjMG8G A1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oBBzBQBghghXQBWQIBAjBEMEIGCCsG AQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1Np Z25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lz c3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNlNDAwMmMxY2Qz NDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWg MDwGA1UdEQQ1MDOCF3RsbW9iaWxlLnBvc3RmaW5hbmNlLmNoghh0ZWxlbWV0cnku cG9zdGZpbmFuY2UuY2gwHQYDVR0OBBYEFIwUuv/sQBNMaSqGBPXiopxgOR92MB8G A1UdIwQYMBaAFHxvCm8TD9mMJG8mNPNca0NttyO2MBMGCisGAQQB1nkCBAMBAf8E AgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAYHXZCPMu5x0d1wIFoySfrvFFDviYSK0fv Bd8mNT+I+vj4V358YQ0YOEMDBByRJUT/Dje8kCHjPPPdUq3/afcr5bIAS+3rQprT 9hcUWTFI6D6mW3afx0fJPtWWNunTJYoyDV2vqWIZmMbSKvVrBnbrsEMmMXMsoYxp Yi8wuoWoLFtVT/kEsm9Tbt+q8U1UJQnOHo29Bdef1S316Z+5JKEhmvscxVh8JWNJ fzTWsuFNGrOJgbj51MZncX0x5d6VHUYxpCgqYF8sGOWApzYshCirnMadtpD49llg fB+q+J6gTV7BH/G6gn0aK0n6OO7UAiCKTFIi6Lrn2IeaFD8/dm292WJZozlQ3pid bR4Tjay+uHE5FrtGAQqej1v3QOiZ3d+92gKA5M3AqBACJUK/NcXvRT1ZxpCGBlJc 2U/ekOvvwgi5du/oSBdi53RqCGIrG6WzBbwLKYRmghkrwLx3g6tj/Hj14CkcKAY4 28QukGNIVokf4Qsu/GbmYXT4dcJUyLZ8xrCxxCY9/xDJHm+Ah9u2xE4DB7rgbIVn sHn4B+Nky1lTzSw3pdiWm2c/fuwvHs4jdUmjIsYBOIUdRryMPcIP5BS0jynyj9dU tw2mgmlM/DxIOLEw5mvAn0p5dXjjhNMC75Z5S1VWM4LYQQbNOoBzZZ2AU3dA+d6J 7M7s2f2aCQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmnMXLytx1MbvMdu/dobk yM1TOrLaT5FCJ1BRI3aEq5Tv1N7tAzZ3cNfsNVN6lKf04qz4EL+fW0fGrPYjBwdh CKY2kLwjwHEHt8VhYA19vLOOk16+3azYb1sFS1xCisMr2c/m6bfuYUw0iB8Hc2oy 12yfDY+qlsDkwr78SdJMr8wh34KMxLbhiZ7lOiknPrDJfMcVYlnxPd9LrXNS0xrz rjVEmhmAbxFW0f8DDPkJVtUxoCMz7bpylL3phIdgs0BoNAi0o49bjb2SMLroRqEN 9J//ohoyCGLgQyXaeuTSnuDtaFuMfR6Y7pZFWDl5AqRXL/EJlMSqoF4vqY9L6QmN rlsEQTcVRXcJo5icHXh+OMNjTg9xvqSmNUwoZT0jLe3jnVJH8645eobyjaspQDjC 4y4CUamdxFB+ozd0EpLOkXFEMFymHUPqnSixJ5wMihj5NTNvO7rp9Bt91hh+inaS lpXt2m/x8iAJmmoAL884qAEGbKzh1dGNWR7hFikBamL1+W72t0Otj8ZiRtZp+o3U 7PDXMOqYUPxKmzDlSf6BgXEZ+cErFjZnjH/p8RER+EEZ3Kzy677rFwvMl5lHC27Q 5HVbMXo+XBj+ftHtkQYYSZa9c5JdgI8f5uKRWIbphnjlrhIoVnMlarP4pjwG/ntG 1K2DGO6GbUGdTlcpMjGYcZUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 624611699405928595215745209805742606123039923643 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 06:02:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-06 06:02:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PostFinance AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tlmobile.postfinance.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 630099282313687176393909234383065428831032919045710870111807449225537544309862674984939406665353286464950947597955072156295708082557059818980335006163900449635875546215227731810288910625000918300823242455161658438441014927132941252106915985546178416196429116057361659833886343402886073609980785574024211325664563755705276203695754485998916608681806087467059316843887257505713343105936764811754136275737436886640680561826494102302423359098225085102405564795189666057826637488868536965502584630614548192943361418627332687616288231391768564424940996384869482404637496658509980968011084846939690146283804477106409201942407386035713300851621343739803963929851875147524490598554797502530494632333478871463828821164556434867249154276381158108609014384525422368851324484505791231201740570184141638143881377313553896212769099423973529528356401600367296994261807759441278635845378912190118843977748296364867347331885631941387667833244304962795433768013810487697750911928833191861342517134037852470577362475157877724561796550920458581841114275746580215504765334013833150429880970880246803976224414337663354452859903430876366618332710460466407122763643400331531183917093083790613052043480982123305479518027068226719843607722327908836705171960213 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tlmobile.postfinance.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'telemetry.postfinance.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8c14baffec40134c692a8604f5e2a29c60391f76 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00181d76423ccbb9c74775c08168c927ebbc5143be26122b47ef05df26353f88faf8f8577e7c610d18384303041c912544ff0e37bc9021e33cf3dd52adff69f72be5b2004bedeb429ad3f61714593148e83ea65b769fc747c93ed59636e9d3258a320d5dafa9621998c6d22af56b0676ebb0432631732ca18c69622f30ba85a82c5b554ff904b26f536edfaaf14d542509ce1e8dbd05d79fd52df5e99fb924a1219afb1cc5587c2563497f34d6b2e14d1ab38981b8f9d4c667717d31e5de951d4631a4282a605f2c18e580a7362c8428ab9cc69db690f8f659607c1faaf89ea04d5ec11ff1ba827d1a2b49fa38eed402208a4c5222e8bae7d8879a143f3f766dbdd96259a33950de989d6d1e138dacbeb8713916bb46010a9e8f5bf740e899dddfbdda0280e4cdc0a810022542bf35c5ef453d59c6908606525cd94fde90ebefc208b976efe8481762e7746a08622b1ba5b305bc0b29846682192bc0bc7783ab63fc78f5e0291c280638dbc42e90634856891fe10b2efc66e66174f875c254c8b67cc6b0b1c4263dff10c91e6f8087dbb6c44e0307bae06c8567b079f807e364cb5953cd2c37a5d8969b673f7eec2f1ece237549a322c60138851d46bc8c3dc20fe414b48f29f28fd754b70da682694cfc3c4838b130e66bc09f4a797578e384d302ef96794b55563382d84106cd3a8073659d80537740f9de89ecceecd9fd9a09