vcsenhp-1.ge.ch

- Republique et Canton de Geneve -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 75:95:2f:73:34:86:e7:5a:bb:a7:48:91:71:c4:f1:57:4c:2a:5f:ff was issued on by SwissSign AG.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Republique et Canton de Geneve

Organization: Republique et Canton de Geneve
Organization unit: RT-TELEPHONIE
State / Province: Geneve
Locality: Geneve
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 75:95:2f:73:34:86:e7:5a:bb:a7:48:91:71:c4:f1:57:4c:2a:5f:ff
Serial Number (int): 671278864700701591807970637591053943061690867711
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: ee:d6:e9:e3:df:fe:95:a1:de:fd:13:36:24:4d:6d:95:28:d6:9b:2b
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): ac:45:07:26:2f:32:04:89:63:31:96:31:79:e2:22:ae:69:db:a6:f4
Fingerprint (sha256): 12:1b:21:c5:59:6f:bb:95:02:d4:e5:0f:5f:d3:a3:37:44:98:82:5a:7d:1d:0b:62:0a:be:ae:1f:0e:ec:56:f1

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate vcsenhp-1.ge.ch

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vcsenhp-1.ge.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vcsenhp-1.ge.ch
videogw.ge.ch
vcsegv2-1.ge.ch
conference-3-standalonecluster139b0.ceti.etat-ge.ch
conference-2-standalonecluster139b0.ceti.etat-ge.ch
police.ge.ch
etat.ge.ch
justice.ge.ch
ceti.etat-ge.ch
edu.ge.ch
ge.ch

Other certificates including the domain name ge.ch

(limited to 100 certificates)
impuserlabo000-ms.ceti.etat-ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch

Certificate

The complete raw certificate details for vcsenhp-1.ge.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIEDCCBvigAwIBAgIUdZUvczSG51q7p0iRccTxV0wqX/8wDQYJKoZIhvcNAQEL
BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE
AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTgwOTI0
MTQxODQ4WhcNMjAwOTI0MTQxODQ4WjCBijELMAkGA1UEBhMCQ0gxDzANBgNVBAgT
BkdlbmV2ZTEPMA0GA1UEBxMGR2VuZXZlMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0
IENhbnRvbiBkZSBHZW5ldmUxFjAUBgNVBAsTDVJULVRFTEVQSE9OSUUxGDAWBgNV
BAMTD3Zjc2VuaHAtMS5nZS5jaDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBAKXaWZ8DDZeGZjrDw96sxRnh+aeoD1N0L72g8Ygf/noIAKv7nZCdNqXQqOhO
hkvSePFJ0AzsT3NAKFKXg3iINu7rFiW638654mteHdYmzDam5222z5q6UA3qSw6k
xqpbvazHRJah37jXGJP1zlsFtx6jN0LS4ZAwwdjnCedEjdxE8l9FB+KkBq2PJDMZ
3619wYRkDipfLnVBSQuwHvp1Wotz+/m31/PHvHGD1MSxGM4e/oXpWG29AGB3kmes
bCNOs/WCCc9gp4FyyKWT4YbW0nMHiwIjCHFwxRDMdkRXaJpBSlKSloBhjIVgbEfb
p5PH0AP2+SZ0iPYR8Kfp3MLvS1YVd9r4HBiK06NqInH62LP0CWK4H7CFKkvDBn18
xokZaJPR2wHZAdhMPyAw/4mWsDkHUoZN677vBkE4DvGUQl+/2dNvwF17iMn7WqQk
s9Hek63uOro0G+EOtNU97AOcV/UoQ2veHZd7VeH6HgFtIBArXulazU9+6wRnseNw
yanbfUuxT4IXWdHo/k4WZbtMUJcM7gJ874fkbH10d61SAhxJlyN/0QCkfaEzHd5G
K+wLcVSjjPGQKG1hhZr581+sCmQJWajPYBM67m/hhtsz7rmxwyVvY7lrY/qZfbDi
+AWzoyvDUHABs/8bhGxt8wYk0sG01t+9JEkxnyfTGMe7i07BAgMBAAGjggOjMIID
nzCB8gYDVR0RBIHqMIHngg92Y3NlbmhwLTEuZ2UuY2iCDXZpZGVvZ3cuZ2UuY2iC
D3Zjc2VndjItMS5nZS5jaIIzY29uZmVyZW5jZS0zLXN0YW5kYWxvbmVjbHVzdGVy
MTM5YjAuY2V0aS5ldGF0LWdlLmNogjNjb25mZXJlbmNlLTItc3RhbmRhbG9uZWNs
dXN0ZXIxMzliMC5jZXRpLmV0YXQtZ2UuY2iCDHBvbGljZS5nZS5jaIIKZXRhdC5n
ZS5jaIINanVzdGljZS5nZS5jaIIPY2V0aS5ldGF0LWdlLmNoggllZHUuZ2UuY2iC
BWdlLmNoMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwHQYDVR0OBBYEFO7W6ePf/pWh3v0TNiRNbZUo1psrMB8GA1UdIwQYMBaA
FOfx5/0uU60R5YEaV6RzjxJ9mMiuMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6
Ly9jcmwuc3dpc3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4MTFBNTdBNDcz
OEYxMjdEOThDOEFFMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3Np
Z24ubmV0L0NOPUU3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4
QUUlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlz
dD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MF8GA1UdIARY
MFYwVAYJYIV0AVkBAgEGMEcwRQYIKwYBBQUHAgEWOWh0dHA6Ly9yZXBvc2l0b3J5
LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduLUdvbGQtQ1AtQ1BTLnBkZjCB1QYIKwYB
BQUHAQEEgcgwgcUwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2Nn
aS1iaW4vYXV0aG9yaXR5L2Rvd25sb2FkL0U3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1
N0E0NzM4RjEyN0Q5OEM4QUUwXQYIKwYBBQUHMAGGUWh0dHA6Ly9nb2xkLXNlcnZl
ci1nMi5vY3NwLnN3aXNzc2lnbi5uZXQvRTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3
QTQ3MzhGMTI3RDk4QzhBRTANBgkqhkiG9w0BAQsFAAOCAQEAH8Wd8x6gGlttTDBR
bzV2F1tjliKOOFEQMk19i0GE/Q0Ph58dlQu5fBqfDzUh5bPH8Kal9DLOkadynBC6
nT0lKvWoX8uy2QO9U6JX/4eWtzZtpVQjXfOzRz3EYa4BwMFecENLs3BpJxGLv+Tr
l+BsRbCp59nMMzUqD8bkoqdKSB/cUE/jCzx+XaZXEMR+Zf3zXP1y1d4ARCAp+OXI
0cAKF4Vgr04mXh4g4hLwKGmLJ4OJHfLX1LEhJyKVdm/pfCv4Sgy0pPUSyi33O2kD
SWXiYHNAdXUL3z3B53eYm/yKu5uVw4T/UIqfJcY6dBR5OkfP1/0wRWSnkAzlY3GB
tHo48Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApdpZnwMNl4ZmOsPD3qzF
GeH5p6gPU3QvvaDxiB/+eggAq/udkJ02pdCo6E6GS9J48UnQDOxPc0AoUpeDeIg2
7usWJbrfzrnia14d1ibMNqbnbbbPmrpQDepLDqTGqlu9rMdElqHfuNcYk/XOWwW3
HqM3QtLhkDDB2OcJ50SN3ETyX0UH4qQGrY8kMxnfrX3BhGQOKl8udUFJC7Ae+nVa
i3P7+bfX88e8cYPUxLEYzh7+helYbb0AYHeSZ6xsI06z9YIJz2CngXLIpZPhhtbS
cweLAiMIcXDFEMx2RFdomkFKUpKWgGGMhWBsR9unk8fQA/b5JnSI9hHwp+ncwu9L
VhV32vgcGIrTo2oicfrYs/QJYrgfsIUqS8MGfXzGiRlok9HbAdkB2Ew/IDD/iZaw
OQdShk3rvu8GQTgO8ZRCX7/Z02/AXXuIyftapCSz0d6Tre46ujQb4Q601T3sA5xX
9ShDa94dl3tV4foeAW0gECte6VrNT37rBGex43DJqdt9S7FPghdZ0ej+ThZlu0xQ
lwzuAnzvh+RsfXR3rVICHEmXI3/RAKR9oTMd3kYr7AtxVKOM8ZAobWGFmvnzX6wK
ZAlZqM9gEzrub+GG2zPuubHDJW9juWtj+pl9sOL4BbOjK8NQcAGz/xuEbG3zBiTS
wbTW370kSTGfJ9MYx7uLTsECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 671278864700701591807970637591053943061690867711
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-24 14:18:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-24 14:18:48 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RT-TELEPHONIE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vcsenhp-1.ge.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 676620922079363588869860452880930896501468359899211403595725704682014241686861847247914306900281453425470592643868281205455820274723526673188146288667322356967607675588503603083650177236015797095810905021384421823916957208652194548732221547517387431062326575396802900254676470891060018360915818625959725553681091072727193437747784994601172861389772246373610543652398947172721514015738426487438283241997647598860989590472856367984933828553247711817148334671712618737901961872695846132464234420643451711697799202796891141057958790423845583990495437949925846306247620030825851569220351245783501819675909628084158750307633198445263171906157111411874502921696736634102586788822870027269184149075873912964539482128022201506798961259947893870082110741421839894844845987100451726489540043540581157747691870991338780302245903930365624425763824876910015238253579481890576121135811196645892066207455032801448041459786096952856044825412913407923209551762765089740366209543780966407131861143434875682942260038829733104950011290337283585263158726771324618571835447092034561404456954410605452836791260400373977403240264982176694125531660819650713779613991135496768608465836640070640841870118348373403394397561515949558664035495107898652049218948801
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (234 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vcsenhp-1.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'videogw.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vcsegv2-1.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'conference-3-standalonecluster139b0.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'conference-2-standalonecluster139b0.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'police.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'etat.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'justice.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edu.ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ge.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							eed6e9e3dffe95a1defd1336244d6d9528d69b2b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001fc59df31ea01a5b6d4c30516f3576175b6396228e385110324d7d8b4184fd0d0f879f1d950bb97c1a9f0f3521e5b3c7f0a6a5f432ce91a7729c10ba9d3d252af5a85fcbb2d903bd53a257ff8796b7366da554235df3b3473dc461ae01c0c15e70434bb3706927118bbfe4eb97e06c45b0a9e7d9cc33352a0fc6e4a2a74a481fdc504fe30b3c7e5da65710c47e65fdf35cfd72d5de00442029f8e5c8d1c00a178560af4e265e1e20e212f028698b2783891df2d7d4b121272295766fe97c2bf84a0cb4a4f512ca2df73b69034965e260734075750bdf3dc1e777989bfc8abb9b95c384ff508a9f25c63a7414793a47cfd7fd304564a7900ce5637181b47a38f1