nlsec.postfinance.ch
- PostFinance AG -
Issued by SwissSign RSA TLS EV ICA 2021 - 1
About this certificate
This digital certificate with serial number 17:f9:27:cd:9f:f7:99:da:2c:2a:0e:b1:0f:12:6c:4c:3e:ae:54:19 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
PostFinance AG
Company registration number:
CHE-114.583.749
Organization: PostFinance AG
Organization: PostFinance AG
Address:
Mingerstrasse 20
Postal code: 3030
State / Province: BE
Locality: Bern
Country: CH
Postal code: 3030
State / Province: BE
Locality: Bern
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 17:f9:27:cd:9f:f7:99:da:2c:2a:0e:b1:0f:12:6c:4c:3e:ae:54:19Serial Number (int): 136863140633051860809545629090124439554154714137
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: 81:3f:c3:d9:08:58:25:a3:67:4b:12:12:d9:3a:eb:7c:0f:77:01:89
AuthorityKeyId: da:34:d4:8e:10:23:f4:6a:2d:6c:b4:1f:f3:28:11:de:5e:01:c4:de
Fingerprint (sha1): b5:b3:ab:9d:30:ae:54:1c:2c:91:39:16:ed:a4:ec:a7:42:b1:43:21
Fingerprint (sha256): 11:10:1d:b6:6c:30:63:71:bd:bd:b9:48:3e:a4:82:15:f9:d8:81:bc:9e:ca:ae:14:21:af:11:f6:cb:10:bf:3d
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE
Revocation information
OCSP Server: http://ocsp.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DECRL Distribution Point: http://crl.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE
CRL Distribution Point: ldap://directory.swisssign.net/CN=DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate nlsec.postfinance.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nlsec.postfinance.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nlsec.postfinance.ch
www.nlsec.postfinance.ch
www.nlsec.postfinance.ch
Other certificates including the domain name postfinance.ch
(limited to 100 certificates)
www.postfinance.ch
e-archiv.postfinance.ch
aliasreg.postfinance.ch
e-finance.postfinance.ch
jobs.postfinance.ch
pfportalmo.postfinance.ch
csgw-test.postfinance.ch
proof.doc-shop.postfinance.ch
commercioestero.postfinance.ch
egw-test.postfinance.ch
e-payment.postfinance.ch
sventest.postfinance.ch
youth.postfinance.ch
pfportalext-test.postfinance.ch
sgtm.postfinance.ch
sipskypebe.post.ch
pfsb-admin-test.postfinance.ch
smartbusiness.postfinance.ch
onlinehypothek-test.postfinance.ch
www-poc-test.postfinance.ch
plano.postfinance.ch
mapps-test.postfinance.ch
www.wcm-test.postfinance.ch
www.doc-shop.postfinance.ch
testplattform.postfinance.ch
oauth.postfinance.ch
privatkredit-peprod.postfinance.ch
www.postfinance.ch
dev.plusfinance.postfinance.ch
outlook.post.ch
benefit.postfinance.ch
egw.postfinance.ch
versicherungen.postfinance.ch
ebics-test.postfinance.ch
sventest.postfinance.ch
pfsb-test.postfinance.ch
universal-t2.postfinance.ch
egw-test.postfinance.ch
3dsec.postfinance.ch
dev.tilbago.postfinance.ch
pfportalmo.postfinance.ch
sipskypebe.post.ch
dev.young.postfinance.ch
tilbago.postfinance.ch
statusitservices.postfinance.ch
events-test.postfinance.ch
digitalpfc.int.postfinance.ch
pfportalmo-test.postfinance.ch
sventest.postfinance.ch
m.commercioestero.postfinance.ch
rivista.postfinance.ch
ai.ep2.postfinance.ch
ef-t2.postfinance.ch
jira-dev.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
sandbox1.postfinance.ch
sandbox1.postfinance.ch
collector-test.postfinance.ch
mapps-test.postfinance.ch
sventest.postfinance.ch
egw.postfinance.ch
hosting.postfinance.ch
nladh-t2.postfinance.ch
aussenhandel.postfinance.ch
plano.postfinance.ch
epayment.postfinance.ch
yellowpay.postfinance.ch
nlsec.postfinance.ch
challengethefuture.postfinance.ch
skypeweb.post.ch
pfsb.postfinance.ch
plano.postfinance.ch
pfportalmo.postfinance.ch
events-test.postfinance.ch
csgw-t2.postfinance.ch
epayment-test.postfinance.ch
dev.magazine.postfinance.ch
mapps.postfinance.ch
ef-t2.postfinance.ch
meet.post.ch
young.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
pfportalmo-test.postfinance.ch
e-trading.postfinance.ch
www-poc-test.postfinance.ch
pfportalext-test.postfinance.ch
events-test.postfinance.ch
pfportalmo.postfinance.ch
bqztyw.postfinance.ch
young.postfinance.ch
questback.postfinance.ch
www.plusfinance.postfinance.ch
csgw-test.postfinance.ch
stage.tour.postfinance.ch
3dsec.postfinance.ch
www2.postfinance.ch
teleoptipf.postfinance.ch
plano.postfinance.ch
e-archiv.postfinance.ch
aliasreg.postfinance.ch
e-finance.postfinance.ch
jobs.postfinance.ch
pfportalmo.postfinance.ch
csgw-test.postfinance.ch
proof.doc-shop.postfinance.ch
commercioestero.postfinance.ch
egw-test.postfinance.ch
e-payment.postfinance.ch
sventest.postfinance.ch
youth.postfinance.ch
pfportalext-test.postfinance.ch
sgtm.postfinance.ch
sipskypebe.post.ch
pfsb-admin-test.postfinance.ch
smartbusiness.postfinance.ch
onlinehypothek-test.postfinance.ch
www-poc-test.postfinance.ch
plano.postfinance.ch
mapps-test.postfinance.ch
www.wcm-test.postfinance.ch
www.doc-shop.postfinance.ch
testplattform.postfinance.ch
oauth.postfinance.ch
privatkredit-peprod.postfinance.ch
www.postfinance.ch
dev.plusfinance.postfinance.ch
outlook.post.ch
benefit.postfinance.ch
egw.postfinance.ch
versicherungen.postfinance.ch
ebics-test.postfinance.ch
sventest.postfinance.ch
pfsb-test.postfinance.ch
universal-t2.postfinance.ch
egw-test.postfinance.ch
3dsec.postfinance.ch
dev.tilbago.postfinance.ch
pfportalmo.postfinance.ch
sipskypebe.post.ch
dev.young.postfinance.ch
tilbago.postfinance.ch
statusitservices.postfinance.ch
events-test.postfinance.ch
digitalpfc.int.postfinance.ch
pfportalmo-test.postfinance.ch
sventest.postfinance.ch
m.commercioestero.postfinance.ch
rivista.postfinance.ch
ai.ep2.postfinance.ch
ef-t2.postfinance.ch
jira-dev.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
sandbox1.postfinance.ch
sandbox1.postfinance.ch
collector-test.postfinance.ch
mapps-test.postfinance.ch
sventest.postfinance.ch
egw.postfinance.ch
hosting.postfinance.ch
nladh-t2.postfinance.ch
aussenhandel.postfinance.ch
plano.postfinance.ch
epayment.postfinance.ch
yellowpay.postfinance.ch
nlsec.postfinance.ch
challengethefuture.postfinance.ch
skypeweb.post.ch
pfsb.postfinance.ch
plano.postfinance.ch
pfportalmo.postfinance.ch
events-test.postfinance.ch
csgw-t2.postfinance.ch
epayment-test.postfinance.ch
dev.magazine.postfinance.ch
mapps.postfinance.ch
ef-t2.postfinance.ch
meet.post.ch
young.postfinance.ch
epayment.postfinance.ch
www-test.postfinance.ch
pfportalmo-test.postfinance.ch
e-trading.postfinance.ch
www-poc-test.postfinance.ch
pfportalext-test.postfinance.ch
events-test.postfinance.ch
pfportalmo.postfinance.ch
bqztyw.postfinance.ch
young.postfinance.ch
questback.postfinance.ch
www.plusfinance.postfinance.ch
csgw-test.postfinance.ch
stage.tour.postfinance.ch
3dsec.postfinance.ch
www2.postfinance.ch
teleoptipf.postfinance.ch
plano.postfinance.ch
Certificate
The complete raw certificate details for nlsec.postfinance.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHzTCCBbWgAwIBAgIUF/knzZ/3mdosKg6xDxJsTD6uVBkwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRVYgSUNBIDIwMjEgLSAxMB4XDTIyMDQxNDA3 MDUwN1oXDTIzMDQxNDA3MDUwN1owge4xEzARBgsrBgEEAYI3PAIBAxMCQ0gxEzAR BgsrBgEEAYI3PAIBAhMCQkUxGDAWBgNVBAUTD0NIRS0xMTQuNTgzLjc0OTEdMBsG A1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xCzAJBgNVBAYTAkNIMQswCQYDVQQI EwJCRTENMAsGA1UEBxMEQmVybjENMAsGA1UEERMEMzAzMDEZMBcGA1UECRMQTWlu Z2Vyc3RyYXNzZSAyMDEXMBUGA1UEChMOUG9zdEZpbmFuY2UgQUcxHTAbBgNVBAMT FG5sc2VjLnBvc3RmaW5hbmNlLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAuB45PD6DnbTPYBzo2mX+cO/ZGHFZX+Wi/fAuBjXu4mSD8FgtqCCUSbO6 PTjnc+Bqu8OWhgLtR0i7vpQtaRIl4UxuViekcSoq2riy5w/xrVvFGHGtViirAxuj jHRWObhUPTUTd/5SFzJmQJTi0GzFVcr7CRV4waJPByhf9TehDnKR/XalYBqGkgxQ pum92A0VLVeYY3JnJSeQSb6tYvqLhkZTb1tQkeyIVRVzktVWaa62dc7ReyLYbV+/ j1tF6FusZPj43XCn1whEZgY5Lsyc6PswHfk288+ur0ukVrtYO23zh57OoOi+3wdf zoZDafJOGA+tq73Enckat6SVn4rPIwIDAQABo4IC/jCCAvowOQYDVR0RBDIwMIIU bmxzZWMucG9zdGZpbmFuY2UuY2iCGHd3dy5ubHNlYy5wb3N0ZmluYW5jZS5jaDAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G A1UdDgQWBBSBP8PZCFglo2dLEhLZOut8D3cBiTAfBgNVHSMEGDAWgBTaNNSOECP0 ai1stB/zKBHeXgHE3jCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3 aXNzc2lnbi5uZXQvREEzNEQ0OEUxMDIzRjQ2QTJENkNCNDFGRjMyODExREU1RTAx QzRERTCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9D Tj1EQTM0RDQ4RTEwMjNGNDZBMkQ2Q0I0MUZGMzI4MTFERTVFMDFDNERFJTJDTz1T d2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9v YmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBuBgNVHSAEZzBlMFAGCGCF dAFZAgEDMEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3Np Z24uY29tL1N3aXNzU2lnbl9DUFNfVExTLnBkZjAIBgYEAI96AQQwBwYFZ4EMAQEw gcYGCCsGAQUFBwEBBIG5MIG2MGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWdu Lm5ldC9jZ2ktYmluL2F1dGhvcml0eS9kb3dubG9hZC9EQTM0RDQ4RTEwMjNGNDZB MkQ2Q0I0MUZGMzI4MTFERTVFMDFDNERFME4GCCsGAQUFBzABhkJodHRwOi8vb2Nz cC5zd2lzc3NpZ24ubmV0L0RBMzRENDhFMTAyM0Y0NkEyRDZDQjQxRkYzMjgxMURF NUUwMUM0REUwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggIB AKQaat9iUcxbsUMLi8fYZTAAReH9diqaFXGLA64aHnzI0z5rS/2rOx7iCpXvon0X IbyBIZaudv+E7anDUb2lRJ1NFeRxMR0zpH2RHwjm5FR7E29Wdhb3hPN4oseoV5Wu nTZ5DdYF3JoDpEhQuqtfKk3G6t3ZQAl8TmIrYiPhwpgu73uPSei9cAUUXvqXKW5t f6GceFJp0ZDeyMudVi2WzfZy8GOVO8RVyGj/2ZvIvgo8bbSe3o+rJv4iqweFHzJJ VPkBBpj64Q3DeuzptRIP+eV+JAOvAwogBQ924Efqxvt9CP6oUkM8C9qqq/VKlN7Q siPvXhQ4PTishsOTG0d/fDQiikHVovFJxFHb1wYP209uGbTOrv0KIkdL+49QqJo0 dp+P1N/r0FZPVumgxXgDL/EmqwR/oYnVuy3FG+ApnoPhReCxITuMmls2ceHlskUb z4/aN7ho6NNy2oOjXc1ppT/xzIFL1BSTz4qq8HcojH16+dPzWgaUJlP1c3PwgIy5 hpqUFNIDAmDK67sDEB3AyXO380ezq2haQGw7iZmekc8h/tDVpHBg+1k1w+Ilp09G KVTlWeuXX4Ua87vu/BUXAff8CK1slsW+t8Wpia/tAsQtfZhtzcd3OcuR27DR+Hf1 XcQvyPgZRmw+lDovTm++8OKnB8QGf+1NBmCGTQJgetGu -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB45PD6DnbTPYBzo2mX+ cO/ZGHFZX+Wi/fAuBjXu4mSD8FgtqCCUSbO6PTjnc+Bqu8OWhgLtR0i7vpQtaRIl 4UxuViekcSoq2riy5w/xrVvFGHGtViirAxujjHRWObhUPTUTd/5SFzJmQJTi0GzF Vcr7CRV4waJPByhf9TehDnKR/XalYBqGkgxQpum92A0VLVeYY3JnJSeQSb6tYvqL hkZTb1tQkeyIVRVzktVWaa62dc7ReyLYbV+/j1tF6FusZPj43XCn1whEZgY5Lsyc 6PswHfk288+ur0ukVrtYO23zh57OoOi+3wdfzoZDafJOGA+tq73Enckat6SVn4rP IwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 136863140633051860809545629090124439554154714137 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS EV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-04-14 07:05:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-14 07:05:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CHE-114.583.749' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3030' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mingerstrasse 20' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PostFinance AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nlsec.postfinance.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23242751914307804070440150204008668015713828429356138970075244183324320323812092662894618634812244091291255309962977632075265392151495701195961509001908651745213281878409991164181349538024418892608615102284042796325692965346036283706571477780080351495700643378061552011854604244278462750836989277444265081227476430467546890187701964112162170833693398268130681007557994327552401126440797969010283751334478608265892537989455410629772324675059211930260103549813555449760102864322314250313714271722442939657710242934641173057276248479619397959824721128119532265228876413580320256301739305132371647471963483256806169038627 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nlsec.postfinance.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nlsec.postfinance.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 813fc3d9085825a3674b1212d93aeb7c0f770189 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName da34d48e1023f46a2d6cb41ff32811de5e01c4de . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/DA34D48E1023F46A2D6CB41FF32811DE5E01C4DE' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00a41a6adf6251cc5bb1430b8bc7d865300045e1fd762a9a15718b03ae1a1e7cc8d33e6b4bfdab3b1ee20a95efa27d1721bc812196ae76ff84eda9c351bda5449d4d15e471311d33a47d911f08e6e4547b136f567616f784f378a2c7a85795ae9d36790dd605dc9a03a44850baab5f2a4dc6eaddd940097c4e622b6223e1c2982eef7b8f49e8bd7005145efa97296e6d7fa19c785269d190dec8cb9d562d96cdf672f063953bc455c868ffd99bc8be0a3c6db49ede8fab26fe22ab07851f324954f9010698fae10dc37aece9b5120ff9e57e2403af030a20050f76e047eac6fb7d08fea852433c0bdaaaabf54a94ded0b223ef5e14383d38ac86c3931b477f7c34228a41d5a2f149c451dbd7060fdb4f6e19b4ceaefd0a22474bfb8f50a89a34769f8fd4dfebd0564f56e9a0c578032ff126ab047fa189d5bb2dc51be0299e83e145e0b1213b8c9a5b3671e1e5b2451bcf8fda37b868e8d372da83a35dcd69a53ff1cc814bd41493cf8aaaf077288c7d7af9d3f35a06942653f57373f0808cb9869a9414d2030260caebbb03101dc0c973b7f347b3ab685a406c3b89999e91cf21fed0d5a47060fb5935c3e225a74f462954e559eb975f851af3bbeefc151701f7fc08ad6c96c5beb7c5a989afed02c42d7d986dcdc77739cb91dbb0d1f877f55dc42fc8f819466c3e943a2f4e6fbef0e2a707c4067fed4d0660864d02607ad1ae