tst-opus.lucorp.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 35:4a:57:ad:7f:dc:89:7b:1a:e6:d4:07:56:54:f0:d7:8c:0b:e9:02 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=tst-opus.lucorp.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 35:4a:57:ad:7f:dc:89:7b:1a:e6:d4:07:56:54:f0:d7:8c:0b:e9:02Serial Number (int): 304234403806037350577710036059863339501097838850
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 68:ff:d8:9d:fd:7f:f4:d6:b2:31:e3:ff:14:d8:26:4b:4e:06:5d:4b
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 02:11:f4:57:87:68:f2:32:37:91:85:d8:b3:0a:48:4d:77:f9:49:83
Fingerprint (sha256): 14:b4:74:e9:1e:03:d6:d4:cc:79:d7:6b:47:1b:84:1c:c0:8e:35:f9:94:46:c0:ed:41:ea:63:6c:7c:1c:9c:af
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate tst-opus.lucorp.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tst-opus.lucorp.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tst-opus.lucorp.ch
Other certificates including the domain name lucorp.ch
(limited to 100 certificates)
int-opus.lucorp.ch
dev-zertifikate.lucorp.ch
sb009425.lucorp.ch
lu311003.lucorp.ch
contractx.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
michel.lucorp.ch
caml.lucorp.ch
zertifikate.lucorp.ch
dlp-admin.lucorp.ch
norma4040046.lucorp.ch
int-caml.lucorp.ch
dev-zertifikate.lucorp.ch
uci-lukh-nc-002.ucc.lucorp.ch
lu326003.lucorp.ch
int-ecm-trans.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
*.ops.lucorp.ch
tst-opus.lucorp.ch
vm-prd-iacmvp-gitlabserver-chn-001.gitlab.azure.lucorp.ch
int-ecm-trans.lucorp.ch
lu317003.lucorp.ch
amx1.lucorp.ch
paedi.lucorp.ch
tst-opus.lucorp.ch
dev-admin-anlegen.lucorp.ch
old-opus.lucorp.ch
zertifikate.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
rechner.lucorp.ch
norma4040315.lucorp.ch
uci-lukh-nc-003.ucc.lucorp.ch
uci-lukh-nwe-002.lukb.ch
*.lucorp.ch
norma4040044.lucorp.ch
old-opus.lucorp.ch
lu380003.lucorp.ch
tst-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
ecm-act1.lucorp.ch
old-opus.lucorp.ch
int-intra.lucorp.ch
dev-zertifikate.lucorp.ch
int-admin.lucorp.ch
dev-opus.lucorp.ch
test-dlp.lucorp.ch
int-opus.lucorp.ch
zertifikate.lucorp.ch
quote-push1.lucorp.ch
norma4040045.lucorp.ch
tst-opus.lucorp.ch
lu326001.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
int-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
tst-opus.lucorp.ch
int-opus.lucorp.ch
old-opus.lucorp.ch
tst-opus.lucorp.ch
ecm-act4.lucorp.ch
norma4040045.lucorp.ch
keycloak.test-dlp.lucorp.ch
int-datrading.lucorp.ch
dacs.lucorp.ch
int-datrading.lucorp.ch
dev-opus.lucorp.ch
int-opus.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
dev-opus.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
lu311003.lucorp.ch
opus.lucorp.ch
zertifikate.lucorp.ch
datrading.lucorp.ch
old-opus.lucorp.ch
lu312004.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
sb001904.lucorp.ch
dev-opus.lucorp.ch
norma4040250.lucorp.ch
dev-opus.lucorp.ch
opus.lucorp.ch
old-opus.lucorp.ch
test-dlp.lucorp.ch
sursee-safepro.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
lu15388.lucorp.ch
vm-prd-iacmvp-gitlabrunner-chn-001.gitlab.azure.lucorp.ch
michel1.lucorp.ch
dev-zertifikate.lucorp.ch
arbeitszeugnis.lucorp.ch
old-opus.lucorp.ch
lu305003.lucorp.ch
dev-zertifikate.lucorp.ch
sb009425.lucorp.ch
lu311003.lucorp.ch
contractx.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
michel.lucorp.ch
caml.lucorp.ch
zertifikate.lucorp.ch
dlp-admin.lucorp.ch
norma4040046.lucorp.ch
int-caml.lucorp.ch
dev-zertifikate.lucorp.ch
uci-lukh-nc-002.ucc.lucorp.ch
lu326003.lucorp.ch
int-ecm-trans.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
*.ops.lucorp.ch
tst-opus.lucorp.ch
vm-prd-iacmvp-gitlabserver-chn-001.gitlab.azure.lucorp.ch
int-ecm-trans.lucorp.ch
lu317003.lucorp.ch
amx1.lucorp.ch
paedi.lucorp.ch
tst-opus.lucorp.ch
dev-admin-anlegen.lucorp.ch
old-opus.lucorp.ch
zertifikate.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
rechner.lucorp.ch
norma4040315.lucorp.ch
uci-lukh-nc-003.ucc.lucorp.ch
uci-lukh-nwe-002.lukb.ch
*.lucorp.ch
norma4040044.lucorp.ch
old-opus.lucorp.ch
lu380003.lucorp.ch
tst-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
ecm-act1.lucorp.ch
old-opus.lucorp.ch
int-intra.lucorp.ch
dev-zertifikate.lucorp.ch
int-admin.lucorp.ch
dev-opus.lucorp.ch
test-dlp.lucorp.ch
int-opus.lucorp.ch
zertifikate.lucorp.ch
quote-push1.lucorp.ch
norma4040045.lucorp.ch
tst-opus.lucorp.ch
lu326001.lucorp.ch
old-opus.lucorp.ch
dev-zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
int-opus.lucorp.ch
uci-lukt-np-001.int-ucc.lucorp.ch
zertifikate.lucorp.ch
dev-zertifikate.lucorp.ch
tst-opus.lucorp.ch
int-opus.lucorp.ch
old-opus.lucorp.ch
tst-opus.lucorp.ch
ecm-act4.lucorp.ch
norma4040045.lucorp.ch
keycloak.test-dlp.lucorp.ch
int-datrading.lucorp.ch
dacs.lucorp.ch
int-datrading.lucorp.ch
dev-opus.lucorp.ch
int-opus.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
uci-lukh-nc-001.ucc.lucorp.ch
dev-opus.lucorp.ch
uci-lukt-nc-001.int-ucc.lucorp.ch
lu311003.lucorp.ch
opus.lucorp.ch
zertifikate.lucorp.ch
datrading.lucorp.ch
old-opus.lucorp.ch
lu312004.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
sb001904.lucorp.ch
dev-opus.lucorp.ch
norma4040250.lucorp.ch
dev-opus.lucorp.ch
opus.lucorp.ch
old-opus.lucorp.ch
test-dlp.lucorp.ch
sursee-safepro.lucorp.ch
uci-lukt-nr-001.int-ucc.lucorp.ch
lu15388.lucorp.ch
vm-prd-iacmvp-gitlabrunner-chn-001.gitlab.azure.lucorp.ch
michel1.lucorp.ch
dev-zertifikate.lucorp.ch
arbeitszeugnis.lucorp.ch
old-opus.lucorp.ch
lu305003.lucorp.ch
Certificate
The complete raw certificate details for tst-opus.lucorp.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJezCCB2OgAwIBAgIUNUpXrX/ciXsa5tQHVlTw14wL6QIwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDMyNzA2 NDY0MVoXDTI1MDMyNzA2NDY0MVowHTEbMBkGA1UEAxMSdHN0LW9wdXMubHVjb3Jw LmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvaNjw4+tnxAuLp+8 P/ACjWnpUNve+UkI9ivibwzZHwRGwm/nMgl/NuKA0+Tu8PjWRxTSFo2yOWvh7unQ wIWgx0mYcefBS9WS9/xChOKarhP6PgbiM4SvJuGeuhDZ6PmPo46uzBXJlg9HUPPC CixHk50C1RvpBmwdOGEq4tfgyBxXgEN/gVIGJrV62x7TyaZhsL/QJWj8EEdhZW1j dnkD0DaZihwfqxgVER7G8+zC9+FecrKi/nwP2pJg1MRFzoZ3AeFUs6mCJNVB2Yjz X5PFrgiA7W9+lfebwbUnYiqljTx4JvuJbm+u37pt7Dx7Up9UajScOsV6UfcySWxw XXiSgU7Is6/3GhBsX6Wv8P1zKuR5By0ygaSEF7ydo4ygwCqt+Ugidps+0mi0OI06 mRL3My0DJD/oLaGZ/7PhxVc5kl/TRysIVtyeJDNlizPZZYRPR5VJS62KkstFHFu3 w2H1Gre6X1ib31GspX/TCCF/MeWKQnlLutig53BRp+lHBl+TSqFZzmhWM3aSD93x szDVABKQnab2lJk9xvRyn1aBDhXHS+4CzxbFDRAHAT/fe77mpE2LLN5HMR2cEbk1 9sUNpSx09E7Y3uac1e2xulyCL0HKFXy5cdp0zLqHmaZtGGAZQA3KL2501jfLVrPp NAlsVc9X3Mf675SuXReP+WaRkyECAwEAAaOCBH4wggR6MIGyBggrBgEFBQcBAQSB pTCBojBMBggrBgEFBQcwAoZAaHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTFi ODYzMzg1LWY0YTktNDdmYS04OGE1LTJhNWFiZmQ0YTE2NzBSBggrBgEFBQcwAYZG aHR0cDovL29jc3Auc3dpc3NzaWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgt NDA2OS05YjFiLWZkMjlhYjczZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECATAIBgYE AI96AQYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0 b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRK MEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dpc3NzaWduLmNoL2NkcC02Nzk3MjNiMi04 NjQxLTQ2NDItODUwMC1mNmQyZmYzN2U2YmEwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAdBgNVHREEFjAUghJ0c3Qtb3B1cy5s dWNvcnAuY2gwHQYDVR0OBBYEFGj/2J39f/TWsjHj/xTYJktOBl1LMB8GA1UdIwQY MBaAFOu9f0mTjMnu7KK69xzSZ/CDsereMIICbwYKKwYBBAHWeQIEAgSCAl8EggJb AlkAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAY5+qTOhAAAE AwBHMEUCIQDtpUsDgkbWghnwzQ9pbuEi5C/ldqhVIKjqX5H3DPRuuAIgby2nBol/ zQw07MssQy5zksCCKY2uD4DCaMN2m/2B4REAdwAo4oE4/YMhRemp1qp1N22Dd6iF ErPAf3JBSCHcvemMZgAAAY5+qTTrAAAEAwBIMEYCIQDRPWU8AqQPNNWUHpl1PVsE z/1L9Yr/TrUwctTO2+oYuwIhAIGFFYobFHMWR2fnshc29RUfGQKHyZ+PIt7ErKqt u0r8AHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOfqkx+QAA BAMARzBFAiEAjp8uoL1k6MHphsissRwmv0we0HmpIMduCQcSS9d83K8CIHDE21CN gXIVpqy9IFaQ0B/4u8QybqMWodXHJbT7uy5rAHcAzPsPaoVxCWX+lZtTzumyfCLp hVwNl422qX5UwP5MDbAAAAGOfqkx0gAABAMASDBGAiEA4rNhNkmKp4f3yBCCmtRk 91wETju6w4as3UnaOT6AvyoCIQDCSRJIfqlRKHA+r0wlvD4LfR2bF++8SiFC0AYr nzHcQgB1AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjn6pM/YA AAQDAEYwRAIgcmsCSJDQlaSPASx8NxeTcEaMYgeAWsDOWUo5BLGGnEoCIFoJ8SqJ kXUIevtv4+njclxJzalbyBOM4/j1hCvrPZzbMA0GCSqGSIb3DQEBCwUAA4ICAQAa u7XZP3RpoICMNOy20MkDh6q8gtPMjyjXOxjh2M2qoP9uXDyPTwHd0gk+i7plqON0 8r8rT0SP7ehAekVGxS/gKknJSWOfhCJXSqFztst3Fo+uUB2TwyzysQPmyZkCa/Uc yR2AZSE9Jq0r87zTPUh0dfaxkSsmUPgUqymFm6HqyRyG0jtOXPJ2EQM0FP8mcz/3 889BvrSpPi22klNQwp+kQgKHuxjQWZyn86fmKT6PzjgQ7lCZ3tDQfib12VJ32x6U G/yhpaHenMd0jjkXUDEczGHJNMyitzPFVj/HKVKnH/G7xgvg5eqigueamRasaduV T+gwqJIoLc3I3s76Brnj8IQErCKWzh7JdYKUCsIL7OuFFkVcBSzlPVtBZCY6ONEQ cxoEr/pnL2LL4u8lpCC+iyFCJnXpSIsgZrFzN2ktyQtySnrOZmTgMPKKIuOsPgeI FpTUSP4ALH871/DC64R8BcXXQTypvdHNMa6/ZJ/voX3TByQ27TTUZ0B6Jgcl1ZZh Q7GpDpuCGc7vAXoid85k+AxRT+yVEwimF8kwHQtGj75pWfLPdf4OWqLa2MfZpp5C WHvnkv78xO/F8XRzvQM41XLuZuoVxzrszNp5KvQmD2FI6eL1okVHBcTEM+YXUwGj rKnJL4jWvu7rLjmYCe2ZDBllHGeVqK5og5dIttNWYA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvaNjw4+tnxAuLp+8P/AC jWnpUNve+UkI9ivibwzZHwRGwm/nMgl/NuKA0+Tu8PjWRxTSFo2yOWvh7unQwIWg x0mYcefBS9WS9/xChOKarhP6PgbiM4SvJuGeuhDZ6PmPo46uzBXJlg9HUPPCCixH k50C1RvpBmwdOGEq4tfgyBxXgEN/gVIGJrV62x7TyaZhsL/QJWj8EEdhZW1jdnkD 0DaZihwfqxgVER7G8+zC9+FecrKi/nwP2pJg1MRFzoZ3AeFUs6mCJNVB2YjzX5PF rgiA7W9+lfebwbUnYiqljTx4JvuJbm+u37pt7Dx7Up9UajScOsV6UfcySWxwXXiS gU7Is6/3GhBsX6Wv8P1zKuR5By0ygaSEF7ydo4ygwCqt+Ugidps+0mi0OI06mRL3 My0DJD/oLaGZ/7PhxVc5kl/TRysIVtyeJDNlizPZZYRPR5VJS62KkstFHFu3w2H1 Gre6X1ib31GspX/TCCF/MeWKQnlLutig53BRp+lHBl+TSqFZzmhWM3aSD93xszDV ABKQnab2lJk9xvRyn1aBDhXHS+4CzxbFDRAHAT/fe77mpE2LLN5HMR2cEbk19sUN pSx09E7Y3uac1e2xulyCL0HKFXy5cdp0zLqHmaZtGGAZQA3KL2501jfLVrPpNAls Vc9X3Mf675SuXReP+WaRkyECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 304234403806037350577710036059863339501097838850 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 06:46:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-27 06:46:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tst-opus.lucorp.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 773656525073432291835733957860468159669627086479475544101159263253689539494807176004277782705336146225291558831163294533395047134575374179509925391550401340904002201460458406062146898094405828158001871841861341138008396600890499731678080661157374247084625536672815894663917426790193602844071648041325594387109733403479843217733533634949652737512339077491903450747013922820226465327976704846925711701538659524572969493830470493915538930778988095748109504280851291466264244061237373943643743893822854592824015062352362216431745695199751579164771949916190151021998646650923780323486457380603822442815229188786684980864068669455066444106153503784911925229133782647816411244343702850156241126856162002862773226575135343183459752694219187533889354153109748674870378733193587816883131796019578027831650983777920890476974683748213808561041487412380484518264964227156187230948163710893859469989393976596804469698353805385795371528865845472123067861831381590778872750399125886626509779249575714377077711977874590489068336016749862152500517369365225867970380479270521800368472088165522106205624476891982901318624983399901734581640248525979383733737325852414645442359150347629099465246784646218745855330438498383521231307517902750500933218702113 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tst-opus.lucorp.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 68ffd89dfd7ff4d6b231e3ff14d8264b4e065d4b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (607 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes) 02590076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018e7ea933a10000040300473045022100eda54b038246d68219f0cd0f696ee122e42fe576a85520a8ea5f91f70cf46eb802206f2da706897fcd0c34eccb2c432e7392c082298dae0f80c268c3769bfd81e11100770028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018e7ea934eb0000040300483046022100d13d653c02a40f34d5941e99753d5b04cffd4bf58aff4eb53072d4cedbea18bb0221008185158a1b1473164767e7b21736f5151f190287c99f8f22dec4acaaadbb4afc007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e7ea931f900000403004730450221008e9f2ea0bd64e8c1e986c8acb11c26bf4c1ed079a920c76e0907124bd77cdcaf022070c4db508d817215a6acbd205690d01ff8bbc4326ea316a1d5c725b4fbbb2e6b007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018e7ea931d20000040300483046022100e2b36136498aa787f7c810829ad464f75c044e3bbac386acdd49da393e80bf2a022100c24912487ea95128703eaf4c25bc3e0b7d1d9b17efbc4a2142d0062b9f31dc420075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e7ea933f600000403004630440220726b024890d095a48f012c7c37179370468c6207805ac0ce594a3904b1869c4a02205a09f12a899175087afb6fe3e9e3725c49cda95bc8138ce3f8f5842beb3d9cdb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001abbb5d93f7469a0808c34ecb6d0c90387aabc82d3cc8f28d73b18e1d8cdaaa0ff6e5c3c8f4f01ddd2093e8bba65a8e374f2bf2b4f448fede8407a4546c52fe02a49c949639f8422574aa173b6cb77168fae501d93c32cf2b103e6c999026bf51cc91d8065213d26ad2bf3bcd33d487475f6b1912b2650f814ab29859ba1eac91c86d23b4e5cf27611033414ff26733ff7f3cf41beb4a93e2db6925350c29fa4420287bb18d0599ca7f3a7e6293e8fce3810ee5099ded0d07e26f5d95277db1e941bfca1a5a1de9cc7748e391750311ccc61c934cca2b733c5563fc72952a71ff1bbc60be0e5eaa282e79a9916ac69db954fe830a892282dcdc8decefa06b9e3f08404ac2296ce1ec97582940ac20beceb8516455c052ce53d5b4164263a38d110731a04affa672f62cbe2ef25a420be8b21422675e9488b2066b17337692dc90b724a7ace6664e030f28a22e3ac3e07881694d448fe002c7f3bd7f0c2eb847c05c5d7413ca9bdd1cd31aebf649fefa17dd3072436ed34d467407a260725d5966143b1a90e9b8219ceef017a2277ce64f80c514fec951308a617c9301d0b468fbe6959f2cf75fe0e5aa2dad8c7d9a69e42587be792fefcc4efc5f17473bd0338d572ee66ea15c73aecccda792af4260f6148e9e2f5a2454705c4c433e6175301a3aca9c92f88d6beeeeb2e399809ed990c19651c6795a8ae68839748b6d35660