sip3.snb.ch
- Schweizerische Nationalbank -
Issued by SwissSign RSA TLS EV ICA 2022 - 1
About this certificate
This digital certificate with serial number 1f:2e:33:c8:3c:57:dc:0b:7f:ef:1b:b3:5a:0c:9c:05:d0:7c:7b:46 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Schweizerische Nationalbank
Company registration number:
CHE-105.944.570
Organization: Schweizerische Nationalbank
Organization: Schweizerische Nationalbank
Address:
Börsenstrasse 15
Postal code: 8001
State / Province: ZH
Locality: Zurich
Country: CH
Postal code: 8001
State / Province: ZH
Locality: Zurich
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 1f:2e:33:c8:3c:57:dc:0b:7f:ef:1b:b3:5a:0c:9c:05:d0:7c:7b:46Serial Number (int): 178009059037937210491013507478936575269029051206
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: 28:f7:da:ce:e2:4b:71:0f:49:fc:5f:3e:6e:80:e7:6d:bf:ac:b9:56
AuthorityKeyId: 49:52:df:30:86:92:59:5f:34:9c:25:48:24:ab:c0:eb:d1:06:f2:d6
Fingerprint (sha1): c5:47:2d:e2:49:2c:95:ff:fb:0d:a2:cb:e3:24:6c:ac:2d:c1:4c:1a
Fingerprint (sha256): 0e:d1:39:82:57:7b:ef:f2:6c:0a:26:3b:2e:02:f7:6c:f8:63:f7:e7:45:e6:24:a9:0f:72:6a:5f:60:cb:62:0d
Issuing Certificate URL: http://aia.swisssign.ch/air-20350159-813d-4532-b988-8519eca57650
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-9fdd910e-b9ff-4b2f-be38-2e93708c1b36
Check the revocation status for certificate sip3.snb.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sip3.snb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
webconf4.snb.ch
sip3.snb.ch
sip3.snb.ch
Other certificates including the domain name snb.ch
(limited to 100 certificates)
remotemail.snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
rastest.snb.ch
rastest.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
rastest.snb.ch
rastest.snb.ch
sip3.snb.ch
mailz.snb.ch
bbuem.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
ras-betest.snb.ch
rastest.snb.ch
ras.snb.ch
sip3.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
sip3.snb.ch
vcse.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
vcse.snb.ch
testswiss.snb.ch
testgold.snb.ch
bbuem.snb.ch
data.snb.ch
surveys-usertest.snb.ch
wlanportal1.snb.ch
secmail.snb.ch
ras.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
ras.snb.ch
alert.snb.ch
ras.snb.ch
data.snb.ch
secmail.snb.ch
sip2.snb.ch
rastest.snb.ch
secmail.snb.ch
rastest.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
rastest.snb.ch
ras.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
rastest.snb.ch
rastest.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
rastest.snb.ch
rastest.snb.ch
sip3.snb.ch
mailz.snb.ch
bbuem.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
ras-betest.snb.ch
rastest.snb.ch
ras.snb.ch
sip3.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
sip3.snb.ch
vcse.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
vcse.snb.ch
testswiss.snb.ch
testgold.snb.ch
bbuem.snb.ch
data.snb.ch
surveys-usertest.snb.ch
wlanportal1.snb.ch
secmail.snb.ch
ras.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
ras.snb.ch
alert.snb.ch
ras.snb.ch
data.snb.ch
secmail.snb.ch
sip2.snb.ch
rastest.snb.ch
secmail.snb.ch
rastest.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
rastest.snb.ch
ras.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
Certificate
The complete raw certificate details for sip3.snb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG/zCCBOegAwIBAgIUHy4zyDxX3At/7xuzWgycBdB8e0YwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRVYgSUNBIDIwMjIgLSAxMB4XDTIzMTAwMzE0 MjYwNFoXDTI0MTAwMzE0MjYwNFowgfUxEzARBgsrBgEEAYI3PAIBAxMCQ0gxEzAR BgsrBgEEAYI3PAIBAgwCWkgxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9u MQswCQYDVQQGEwJDSDELMAkGA1UECAwCWkgxDzANBgNVBAcMBlp1cmljaDENMAsG A1UEERMEODAwMTEaMBgGA1UECQwRQsO2cnNlbnN0cmFzc2UgMTUxJDAiBgNVBAoM G1NjaHdlaXplcmlzY2hlIE5hdGlvbmFsYmFuazEYMBYGA1UEBRMPQ0hFLTEwNS45 NDQuNTcwMRQwEgYDVQQDEwtzaXAzLnNuYi5jaDCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAIMbIx29PkrsH70I5Mu4Mvs3WOXqxbZ80Oteg6rztcXVZcv6 iBKFau/znYk5vVbfWoZiNXaU8ExQli03Th2J9CUeWuFi2qAQnCC9bV0aazWhiwDI zVAkP/UCf6Cn9LY7dL9Z+kHBe8BsCvD/gVVOvbCt9Qh2Qg0pRblYGzONOFG4ko4h 6+DtsqxTDPd5O+J0Hop33h39m+dGDCjQ7NxDtAAHeEcsXBBy3qKnbVykgURdFf7W 5vVxMTZG/sUJT8GTvvB8Q9gnbTbjRYUBc7i2lw+DUQ/ekY2mlZ2EzJx2b8AwW/K0 apACdJCYlzSkuabohV3km9Ah2cwfiBdcvYsaW/MCAwEAAaOCAikwggIlMIGyBggr BgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDovL2FpYS5zd2lzc3NpZ24u Y2gvYWlyLTIwMzUwMTU5LTgxM2QtNDUzMi1iOTg4LTg1MTllY2E1NzY1MDBSBggr BgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNoL3NpZ24vb2NzLWFhY2Nj ZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBuBgNVHSAEZzBlMAcGBWeB DAEBMAgGBgQAj3oBBDBQBghghXQBWQIBAzBEMEIGCCsGAQUFBwIBFjZodHRwczov L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYw UQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTlm ZGQ5MTBlLWI5ZmYtNGIyZi1iZTM4LTJlOTM3MDhjMWIzNjAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdEQQgMB6CD3dl YmNvbmY0LnNuYi5jaIILc2lwMy5zbmIuY2gwHQYDVR0OBBYEFCj32s7iS3EPSfxf Pm6A522/rLlWMB8GA1UdIwQYMBaAFElS3zCGkllfNJwlSCSrwOvRBvLWMBMGCisG AQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQCZXoPSeu+uQLRV86uZ EfWzctv9fkZWXe2ZcGVtCMSshi7wk5gTKMgUpu2UfILEp0nj7Fjmlp/xURLdzmK4 KVlrup7Va+lVBuEwpWPc7u6ibNxnG35yl+ncKL1UsjjySOtNncPx9Kw4bJOCNCjx AjnAMR+Kmi2N5jc9IjaVy4jIfFhdBOdM38ui1cdyDFIOVlMml+rUzCc/JwGV8+Ae 80Fsl8JXfsLlwQK3nZ8J1TZNbOZUKufWRC3tV/nx2lqB+YMltJilxUlm/jJlNvZ/ 9u3fT2s+PzuZktRVrPLBwXXDYC7FXVdMCAY2tst5AkLEi9nyCGF36pugphAToNxs Y9Q/ctOBwHpOsNdgIPFUYAqfUQmLBqWHPDvUEJxEyttWBjvLINhi5nTWKm8VJCgJ qGloR3/sIxwJDnbfbCmLevLP7OZCkeSj0YNtIkepreExx/Bwz6V+nk2FRQzllkVr v0+DtDciE1JDFcUxGIOGj1W6jen8jqH2GEI2JSNQ5MwXqiFNv427ozCxelmV3srl hOXtPv40ummHyKRRw62zB09Qea9DlcCd8f9PJxWUvIa7/jAJow4YE3N0NH89EY3O WQ8WBnHjTB3dleP6a3w1tp24ifCNjNnPUHej+nM+y2evXT0YFfQkWXipVJcduTfP xkbemlQdZmR0XAK6qArGwkqn0g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxsjHb0+SuwfvQjky7gy +zdY5erFtnzQ616DqvO1xdVly/qIEoVq7/OdiTm9Vt9ahmI1dpTwTFCWLTdOHYn0 JR5a4WLaoBCcIL1tXRprNaGLAMjNUCQ/9QJ/oKf0tjt0v1n6QcF7wGwK8P+BVU69 sK31CHZCDSlFuVgbM404UbiSjiHr4O2yrFMM93k74nQeinfeHf2b50YMKNDs3EO0 AAd4RyxcEHLeoqdtXKSBRF0V/tbm9XExNkb+xQlPwZO+8HxD2CdtNuNFhQFzuLaX D4NRD96RjaaVnYTMnHZvwDBb8rRqkAJ0kJiXNKS5puiFXeSb0CHZzB+IF1y9ixpb 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 178009059037937210491013507478936575269029051206 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS EV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-03 14:26:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-03 14:26:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ZH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ZH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zurich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '8001' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Börsenstrasse 15' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Schweizerische Nationalbank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CHE-105.944.570' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sip3.snb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16550599789078474454773360949009925163763364713073432777602180383952053062367266055371673339918379317444091492529491758381888332411751136337770364344977404686752954596943907723090043048034850591306373143302328119828744750679767533281858634361983501850065455565585654159658956556988097629568115734889473967926477368674499909581025376562191223004681243054117526875799737364084499299626283014346721174998153795366979170667952400291121477680155217242991151765515904893076183996123005328788604822755280279550841809979809659766949104056752603787956823552049929632527581020355054812117250939688904408257408652784040970705907 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-20350159-813d-4532-b988-8519eca57650' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-9fdd910e-b9ff-4b2f-be38-2e93708c1b36' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webconf4.snb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sip3.snb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 28f7dacee24b710f49fc5f3e6e80e76dbfacb956 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4952df308692595f349c254824abc0ebd106f2d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00995e83d27aefae40b455f3ab9911f5b372dbfd7e46565ded9970656d08c4ac862ef093981328c814a6ed947c82c4a749e3ec58e6969ff15112ddce62b829596bba9ed56be95506e130a563dceeeea26cdc671b7e7297e9dc28bd54b238f248eb4d9dc3f1f4ac386c93823428f10239c0311f8a9a2d8de6373d223695cb88c87c585d04e74cdfcba2d5c7720c520e56532697ead4cc273f270195f3e01ef3416c97c2577ec2e5c102b79d9f09d5364d6ce6542ae7d6442ded57f9f1da5a81f98325b498a5c54966fe326536f67ff6eddf4f6b3e3f3b9992d455acf2c1c175c3602ec55d574c080636b6cb790242c48bd9f2086177ea9ba0a61013a0dc6c63d43f72d381c07a4eb0d76020f154600a9f51098b06a5873c3bd4109c44cadb56063bcb20d862e674d62a6f15242809a86968477fec231c090e76df6c298b7af2cfece64291e4a3d1836d2247a9ade131c7f070cfa57e9e4d85450ce596456bbf4f83b4372213524315c5311883868f55ba8de9fc8ea1f6184236252350e4cc17aa214dbf8dbba330b17a5995decae584e5ed3efe34ba6987c8a451c3adb3074f5079af4395c09df1ff4f271594bc86bbfe3009a30e18137374347f3d118dce590f160671e34c1ddd95e3fa6b7c35b69db889f08d8cd9cf5077a3fa733ecb67af5d3d1815f4245978a954971db937cfc646de9a541d6664745c02baa80ac6c24aa7d2