cucmuserlabo000-ms.ceti.etat-ge.ch

- Republique et Canton de Geneve -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 13:a3:f1:3b:75:d8:c5:c4:0b:a3:e0:50:db:a6:fb:d0:74:25:b1:93 was issued on by SwissSign AG.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Republique et Canton de Geneve

Organization: Republique et Canton de Geneve
Organization unit: DGSI
State / Province: Geneve
Locality: Geneve
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 13:a3:f1:3b:75:d8:c5:c4:0b:a3:e0:50:db:a6:fb:d0:74:25:b1:93
Serial Number (int): 112126860407227867882604137846168245161393762707
Serial Number lenght: 157 bits, 20 octets

SubjectKeyId: 70:f0:99:c5:5a:78:80:53:bc:f2:e5:05:0d:f4:1d:d6:d0:84:28:a0
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): 81:87:cb:6b:19:e9:e3:65:e8:db:a5:9e:b5:fc:c9:50:ad:c7:f2:9c
Fingerprint (sha256): 11:45:ba:92:84:85:21:d7:6b:eb:99:d1:0a:9b:3b:9b:04:46:35:4d:e6:87:58:94:90:10:ce:92:f0:eb:95:a6

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate cucmuserlabo000-ms.ceti.etat-ge.ch

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cucmuserlabo000-ms.ceti.etat-ge.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cucmuserlabo000-ms.ceti.etat-ge.ch
impuserlabo000.ceti.etat-ge.ch
justice.ge.ch
cucmuserlabo009.ceti.etat-ge.ch
ceti.etat-ge.ch
police.ge.ch
etat.ge.ch
impuserlabo001.ceti.etat-ge.ch
csp.ge.ch
labo.ceti.etat-ge.ch
cucmuserlabo001.ceti.etat-ge.ch
edu.ge.ch
cucmuserlabo000.ceti.etat-ge.ch

Other certificates including the domain name etat-ge.ch

(limited to 100 certificates)
impuserlabo000-ms.ceti.etat-ge.ch
api.soca.lbdev.etat-ge.ch
vcscgv2-1.ceti.etat-ge.ch
uccxuser000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
*.devops.etat-ge.ch
jabbergsrv001.ceti.etat-ge.ch
pexip.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
impuser000-ms.ceti.etat-ge.ch
prod.etat-ge.ch
pccecuic000.ceti.etat-ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
vcsenhp-1.ge.ch
jabberguest.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
uccxuserlabo000-ms.ceti.etat-ge.ch
jabbergexpe002.ge.ch
vcscnhp-1.ceti.etat-ge.ch
pccefin001.ceti.etat-ge.ch
uccxuserlabo000-ms.ceti.etat-ge.ch
cucmsme000-ms.ceti.etat-ge.ch
cucuserlabo000-ms.ceti.etat-ge.ch
vcselabo-2.ge.ch
cucmlabo000.ceti.etat-ge.ch
annuaire.ge.ch
uccxuserlabo000-ms.ceti.etat-ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
cucmsme000-ms.ceti.etat-ge.ch
*.apps.soca.lbprod.etat-ge.ch
cucuserlabo000-ms.ceti.etat-ge.ch
pccefinlab000-ms.ceti.etat-ge.ch
jabbergsrv003.ceti.etat-ge.ch
vcselabo-1.ge.ch
cuacuser000.ad.etat-ge.ch
jabbergsrv003.ceti.etat-ge.ch
ldapedu.ge.ch
cuacuser000.ad.etat-ge.ch
participer-rec.ge.ch
ldapedu.ge.ch
participer-rec.ge.ch
ldapedu-rectech.ceti.etat-ge.ch
vcsegv2-1.ge.ch
vcselabo-2.ge.ch
pccecuiclab000.ceti.etat-ge.ch
vcselabo-1.ge.ch
impuser000-ms.ceti.etat-ge.ch
vcsclabo-1.ceti.etat-ge.ch
ldapedu.ge.ch
*.devops.etat-ge.ch
pexipadm000.ceti.etat-ge.ch
jabbergsrv001.ceti.etat-ge.ch
jabbergsrv002.ceti.etat-ge.ch
vcselabo-2.ge.ch
vcselabo-2.ge.ch
cucmlabo000.ceti.etat-ge.ch
cuacuserlab000.ad.etat-ge.ch
pccefinlab001.ceti.etat-ge.ch
cucuserlabo000-ms.ceti.etat-ge.ch
appconpol11.ceti.etat-ge.ch
vcselabo-1.ge.ch
pccefin000-ms.ceti.etat-ge.ch
*.apps.soca.lbdev.etat-ge.ch
pccefinlab000.ceti.etat-ge.ch
videogwlabo.ge.ch
jabbergexpc002.ceti.etat-ge.ch
jabbergexpc002.ceti.etat-ge.ch
contacts.ge.ch
cuacuserlab000.ad.etat-ge.ch
vcsegv2-1.ge.ch
jabbergexpc001.ceti.etat-ge.ch
cfircf5.dev.etat-ge.ch
mitest.b2b.ge.ch
pccecuiclab000-ms.ceti.etat-ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
vcselabo-2.ge.ch
oos.ge.ch
ldapedu.ge.ch
impuserlabo000-ms.ceti.etat-ge.ch
cucuser000-ms.ceti.etat-ge.ch
videogwlabo.ge.ch
jabbergsrv003.ceti.etat-ge.ch
jabbergexpe001.ge.ch
vcscgv2-1.ceti.etat-ge.ch
cucmsme000-ms.ceti.etat-ge.ch
cari.rec.etat-ge.ch
t-racine.t-admin2.t-ad.etat-ge.ch
*.devops.etat-ge.ch
vcselabo-2.ge.ch
jabbergsrv002.ceti.etat-ge.ch
vcsegv2-1.ge.ch
videogwlabo.ge.ch
jabberguest.ge.ch

Certificate

The complete raw certificate details for cucmuserlabo000-ms.ceti.etat-ge.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKXjCCCUagAwIBAgIUE6PxO3XYxcQLo+BQ26b70HQlsZMwDQYJKoZIhvcNAQEL
BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE
AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTkwODIy
MTQyODAyWhcNMjEwODIyMTQyODAyWjCBlDELMAkGA1UEBhMCQ0gxDzANBgNVBAgT
BkdlbmV2ZTEPMA0GA1UEBxMGR2VuZXZlMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0
IENhbnRvbiBkZSBHZW5ldmUxDTALBgNVBAsTBERHU0kxKzApBgNVBAMTImN1Y211
c2VybGFibzAwMC1tcy5jZXRpLmV0YXQtZ2UuY2gwggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQC+K3Rk6HxLgXSCAbCUQmw/bGcxEF/v0Fv85A3Lg5//Cgv6
9fcSfRGHCZygzJy2o/a2X1wBvzWeoID6qkuOfCLGX60H/Z2Yi1ayDweSz8dCHTVd
KzP/QZKiY8uBA3eQA15OlNvZ+OVYaXN3Dlv6Fi//gqSfZ7aeoTOanV4sT6PPtvY6
LKx2bmof4tdL6FVgdnXM0dscqF3z7EbPv/rYZ2fZrG9eMNLUv8Mm6u9Q2RRHQ2f0
09lPzoWrqW3NYJuPUy9ze5cpkIyA5+dlZvJnvL+v3aYiJr9dvRgJ6Ok/0DLdsRzR
T7iCxqS5AiVu3+PMnLhpTkNzGBKh6HHU3/dgMvi4F7CJs0kKqi9q+yjYe/Rp3ncv
qyd5DWfFo0TUOADJ2Sod3SAqr3u63jfNd0qHqjj88d3yDaqOFvcRO325mYwQUDrS
saILdI/xNwd2h3KI5IaEvYZDzTWFd7KIiCfq0r/x+xVOh0ZZVz/TC2d6giwM0cc9
s/eopQ3WJwCKb/OKDK86Q9vSfF8HKAE7hIysnWZV38vap+nX0YpDcYy0li8+INH9
+KcRyi2sUuz9D2lgmaOjKz2r/EV1xhC7ObIvOEYhhs7IZiTBNqorBe/WNIaXu5vi
mfMm0is0Zjz2ye2GkWQ51jaT4et24QHIi981PodkaWx7GR+NwLU/0tMVrcgApQID
AQABo4IF5zCCBeMwggE6BgNVHREEggExMIIBLYIiY3VjbXVzZXJsYWJvMDAwLW1z
LmNldGkuZXRhdC1nZS5jaIIeaW1wdXNlcmxhYm8wMDAuY2V0aS5ldGF0LWdlLmNo
gg1qdXN0aWNlLmdlLmNogh9jdWNtdXNlcmxhYm8wMDkuY2V0aS5ldGF0LWdlLmNo
gg9jZXRpLmV0YXQtZ2UuY2iCDHBvbGljZS5nZS5jaIIKZXRhdC5nZS5jaIIeaW1w
dXNlcmxhYm8wMDEuY2V0aS5ldGF0LWdlLmNoggljc3AuZ2UuY2iCFGxhYm8uY2V0
aS5ldGF0LWdlLmNogh9jdWNtdXNlcmxhYm8wMDEuY2V0aS5ldGF0LWdlLmNoggll
ZHUuZ2UuY2iCH2N1Y211c2VybGFibzAwMC5jZXRpLmV0YXQtZ2UuY2gwDgYDVR0P
AQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
FgQUcPCZxVp4gFO88uUFDfQd1tCEKKAwHwYDVR0jBBgwFoAU5/Hn/S5TrRHlgRpX
pHOPEn2YyK4wgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3Np
Z24ubmV0L0U3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUw
gaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049RTdG
MUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4QzhBRSUyQ089U3dpc3NT
aWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0
Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwXwYDVR0gBFgwVjBUBglghXQBWQEC
AQswRzBFBggrBgEFBQcCARY5aHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv
bS9Td2lzc1NpZ24tR29sZC1DUC1DUFMucGRmMIHVBggrBgEFBQcBAQSByDCBxTBk
BggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3Jp
dHkvZG93bmxvYWQvRTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4
QzhBRTBdBggrBgEFBQcwAYZRaHR0cDovL2dvbGQtc2VydmVyLWcyLm9jc3Auc3dp
c3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThD
OEFFMIIB9wYKKwYBBAHWeQIEAgSCAecEggHjAeEAdgBElGUusO7Or8RAB9io/ijA
2uaCvtjLMbU/0zOWtbaBqAAAAWy5ujx5AAAEAwBHMEUCIQDhOgqswJQaFYTcfLPy
6UDx/xp+DTykvRSfuE8VkYd91AIgTswZmxsWUFTDQK9YRShLukijU2BD2qC/cqTy
rO8u+xYAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWy5ujmX
AAAEAwBHMEUCIDlkgyea1PT/m9iBIgY4w8D6yDW+BbxXAJK1pySfzaIXAiEA6VWE
gKdtGyRXaXJKJGLHwuDSXHTiq/uHdvNJPIqTDpcAdwC72d+8H4pxtZOUI5eqkntH
OFeVCqtS6BqQlmQ2jh7RhQAAAWy5ujjrAAAEAwBIMEYCIQCkFnfotyosJEao7ujy
tvifVB6smD71XaXXl10/zdSaNAIhAOzVs1ghZa45j3m6MT/m8uBoA/HDZOvpq7Gy
87yv+cZUAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFsubo4
VwAABAMARzBFAiEAmiBhIoKCiu3J2EOjOXGNRZVThCR2rHQiTwk66dKoJi0CIFEx
/AramJbJmIxSDwe5QWq651vCk8oQ0T+SzN1jsaK8MA0GCSqGSIb3DQEBCwUAA4IB
AQAYXJwfh2j5K9pCYNMalz8gmk9b/5bdfgWJ0EThydx/Wsf/gjx2w76A/mxUWic4
dEqRqz9WP03y48y0ZooXJwvpC54DT9xFdozwl4wD9++xOz4C2O7k7NPABuCuA+36
E6wcIPFDLg3J7NLyHSAKn1gnm/yuOPxofzidmSTGoIE3C+REMiwZyNCA4cvq4i1D
I0mSgqq4tM/PKm//TyGQq1R3JsFimJvka7lA1kYhcRK92JJqFrRfccBc+qV8Fvu2
f94Z5SjJW3V927CaV8Jspyo/XB6SzfgW8xi65iPn4CDJkIM1//rEmqSR+tXbKU1j
ONKdRquludZFiXkjYzNwjMOr
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvit0ZOh8S4F0ggGwlEJs
P2xnMRBf79Bb/OQNy4Of/woL+vX3En0RhwmcoMyctqP2tl9cAb81nqCA+qpLjnwi
xl+tB/2dmItWsg8Hks/HQh01XSsz/0GSomPLgQN3kANeTpTb2fjlWGlzdw5b+hYv
/4Kkn2e2nqEzmp1eLE+jz7b2Oiysdm5qH+LXS+hVYHZ1zNHbHKhd8+xGz7/62Gdn
2axvXjDS1L/DJurvUNkUR0Nn9NPZT86Fq6ltzWCbj1Mvc3uXKZCMgOfnZWbyZ7y/
r92mIia/Xb0YCejpP9Ay3bEc0U+4gsakuQIlbt/jzJy4aU5DcxgSoehx1N/3YDL4
uBewibNJCqovavso2Hv0ad53L6sneQ1nxaNE1DgAydkqHd0gKq97ut43zXdKh6o4
/PHd8g2qjhb3ETt9uZmMEFA60rGiC3SP8TcHdodyiOSGhL2GQ801hXeyiIgn6tK/
8fsVTodGWVc/0wtneoIsDNHHPbP3qKUN1icAim/zigyvOkPb0nxfBygBO4SMrJ1m
Vd/L2qfp19GKQ3GMtJYvPiDR/finEcotrFLs/Q9pYJmjoys9q/xFdcYQuzmyLzhG
IYbOyGYkwTaqKwXv1jSGl7ub4pnzJtIrNGY89snthpFkOdY2k+HrduEByIvfNT6H
ZGlsexkfjcC1P9LTFa3IAKUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 112126860407227867882604137846168245161393762707
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-22 14:28:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-22 14:28:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DGSI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cucmuserlabo000-ms.ceti.etat-ge.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 775824871225459007595027361171331791230474313245556591281832552258319707628677471631228069153174141747639159151916010526115318619000492363047127740028223306921859550750403399390875617214794799566375305494046055409661662004600718856561683354770900330081720874392184242985514020120133031445468539469445060916462113531485421385852884145270533502522688952682808712561974737906535188722611103138973999053389234089312575625953475672248452739703557449679472588374114282339269363860294372137248685241500151857343562707757430405616946652014533409136135590639475381735550269375203794733112594347884316235317125345863725183879803320262186170189400988335747139528056317318088422381486482654729281298923084704610378299035127260068900089334930540097178135120424176611982389488992126025957846695855656174283176162894737949335170936572145041196046907157858922454341733328438882930674466973834421545011805623524997464471121308246317972235419635826792097474871764007021921575994593900324377087281191567202497319082126264918254449966778843820692199660388393134664619887053750348319069939356977484279527447426391334057121843086366681824861343855468342672786895998016611620456726365692443106379622342396416220631977817665452213395671356181154603488247973
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (305 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucmuserlabo000-ms.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impuserlabo000.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'justice.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucmuserlabo009.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'police.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etat.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impuserlabo001.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'csp.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'labo.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucmuserlabo001.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edu.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucmuserlabo000.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							70f099c55a788053bcf2e5050df41dd6d08428a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e10076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016cb9ba3c790000040300473045022100e13a0aacc0941a1584dc7cb3f2e940f1ff1a7e0d3ca4bd149fb84f1591877dd402204ecc199b1b165054c340af5845284bba48a3536043daa0bf72a4f2acef2efb160076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016cb9ba399700000403004730450220396483279ad4f4ff9bd881220638c3c0fac835be05bc570092b5a7249fcda217022100e9558480a76d1b245769724a2462c7c2e0d25c74e2abfb8776f3493c8a930e97007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016cb9ba38eb0000040300483046022100a41677e8b72a2c2446a8eee8f2b6f89f541eac983ef55da5d7975d3fcdd49a34022100ecd5b3582165ae398f79ba313fe6f2e06803f1c364ebe9abb1b2f3bcaff9c654007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016cb9ba385700000403004730450221009a20612282828aedc9d843a339718d459553842476ac74224f093ae9d2a8262d02205131fc0ada9896c9988c520f07b9416abae75bc293ca10d13f92ccdd63b1a2bc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00185c9c1f8768f92bda4260d31a973f209a4f5bff96dd7e0589d044e1c9dc7f5ac7ff823c76c3be80fe6c545a2738744a91ab3f563f4df2e3ccb4668a17270be90b9e034fdc45768cf0978c03f7efb13b3e02d8eee4ecd3c006e0ae03edfa13ac1c20f1432e0dc9ecd2f21d200a9f58279bfcae38fc687f389d9924c6a081370be444322c19c8d080e1cbeae22d4323499282aab8b4cfcf2a6fff4f2190ab547726c162989be46bb940d646217112bdd8926a16b45f71c05cfaa57c16fbb67fde19e528c95b757ddbb09a57c26ca72a3f5c1e92cdf816f318bae623e7e020c9908335fffac49aa491fad5db294d6338d29d46aba5b9d6458979236333708cc3ab