*.zem.ch

Issued by SwissSign RSA TLS DV ICA 2021 - 1

About this certificate

This digital certificate with serial number 52:9b:39:5d:32:91:ef:2b:fb:e9:04:fa:df:5a:04:c3:71:ce:54:f8 was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.zem.ch

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 52:9b:39:5d:32:91:ef:2b:fb:e9:04:fa:df:5a:04:c3:71:ce:54:f8
Serial Number (int): 471598855827104455369793839180104103389786166520
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 74:f4:39:62:bc:7c:8a:63:77:6b:d0:6b:41:76:52:8e:98:cc:bf:c7
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87

Fingerprint (sha1): 3f:d4:5d:3e:6c:f0:82:bb:ba:6b:e5:ed:d9:18:78:40:af:41:6e:60
Fingerprint (sha256): 15:4f:e8:a0:7e:66:c6:88:65:4e:0e:53:62:c1:4e:37:64:82:74:12:cb:94:ad:78:3d:88:5f:a6:15:c9:b5:e2

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587

Revocation information

OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate *.zem.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.zem.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.zem.ch
zem.ch

Other certificates including the domain name zem.ch

(limited to 100 certificates)
*.zem.ch
*.zem.ch
*.zem.ch
*.zem.ch
*.zem.ch
*.zem.ch
*.zem.ch

Certificate

The complete raw certificate details for *.zem.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKIzCCCAugAwIBAgIUUps5XTKR7yv76QT631oEw3HOVPgwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMTEyMTEw
MDcyNloXDTIzMTEzMDA4NTYyNFowEzERMA8GA1UEAwwIKi56ZW0uY2gwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzjdQlWKzmKrpWZne/49lLRH9fTy+C
Oggwpw6gXiETxUFB4dmK6F71nj8c5n4imI6IHgjEX8N7neckEagGimdCFLiRCzQo
5SM6TQS8EsqtitV2YydJNsOc37OjZ2872/2DtM2BOTTbKioDeXqGtbFJrVYjDPcv
hcbXUVesva2PSACEkYOBD0MEdRNNJFr3lKkTEmrA/MeE0aHW/EzWT/HFf8Ffbc0U
/grfZHO3w2bxFEBcZwA2mOY3RqDX8T0BEEr/dJe8tbZTW75h9vc6ujytDJFaJUdp
AUS1lhtATJYpKRKDWFjleOsyozUxHKoV4sXdlybmZrdsMEFD68njmSHvAgMBAAGj
ggYwMIIGLDAbBgNVHREEFDASgggqLnplbS5jaIIGemVtLmNoMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFHT0
OWK8fIpjd2vQa0F2Uo6YzL/HMB8GA1UdIwQYMBaAFDyeUnkDY29PnIEb0yhwDCRa
6qWHMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5l
dC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3MIGooIGl
oIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPTNDOUU1Mjc5
MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODclMkNPPVN3aXNzU2lnbiUy
Q0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNz
PWNSTERpc3RyaWJ1dGlvblBvaW50MG8GA1UdIARoMGYwUAYIYIV0AVkCAQEwRDBC
BggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dp
c3NTaWduX0NQU19UTFMucGRmMAgGBgQAj3oBBjAIBgZngQwBAgEwgcYGCCsGAQUF
BwEBBIG5MIG2MGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2kt
YmluL2F1dGhvcml0eS9kb3dubG9hZC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMy
ODcwMEMyNDVBRUFBNTg3ME4GCCsGAQUFBzABhkJodHRwOi8vb2NzcC5zd2lzc3Np
Z24ubmV0LzNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODcw
ggNgBgorBgEEAdZ5AgQCBIIDUASCA0wDSgB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4
cCUIFy+jqh0HE9MMAAABhJmoMj4AAAQDAEcwRQIgFR1WVjEEI4FpIoeNHPGke9e+
MJU69MiEOkC0m39jkMQCIQCB8WsTpk8e+m2fBIcnH/Oshfm2LxtBWe7/I7HzPoH6
/wB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABhJmoMScAAAQD
AEcwRQIgHHXJzNFyF/MnaUNRZih7wBQ1OM4jqNivuiEgxEtNchECIQDbbLZdt1g4
S2EXj/X7PAhvcGTc80z3fuPw3qbvf3XjeQB2AHoyjFTYty22IOo44FIe6YQWcDIT
hU070ivBOlejUutSAAABhJmoMkYAAAQDAEcwRQIgJ57o0y1jT1C0RvoGEfAhtDB4
55K9muZXkyFO6Sf8Xz8CIQCHqrn3Y0CPRab8bYpbfaVDAkxK8dwbmNc5URYNOBur
+QB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABhJmoMRgAAAQD
AEcwRQIhAOfVfTtm1U2Eotz2tnpZcHYO8g3h7XoQ/ip9XRH8sy7DAiAnZh8Y6X/Q
AmXwMPUjfc5mAhg/iMDoA+woqrTJm0It6wB2ALNzdwfhhFD4Y4bWBancEQlKeS2x
ZwwLh9zwAw55NqWaAAABhJmoMxUAAAQDAEcwRQIgCTKTJ6+jHodIopUXtkDokqja
aXMmAZfQe1O23QYDYpgCIQD8K2AdMOMHqZsv7eGrzhozNHN7iodaKFAmJK8wWw0I
pwB3AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABhJmoMxUAAAQD
AEgwRgIhAJ629UfQej+gjmuAX+cs+jriFv8Es7Yw3OcjtXeAndz0AiEAyIVgt5Cf
YDoJqSdsGKy9SzPqvQbrFEnWq2fXiTV0D3sAdwDofqdmC8Js9gAu9XJdP+DjMbk5
O7kvv1jrO5BJ2vVDWgAAAYSZqDRQAAAEAwBIMEYCIQDM8wwfL7s1YiTrXmxYGYLz
Y2oc8COpc9EF+1hBaqvTIQIhAPcGtSrs4r9xFwC+RCfApwA4O0hd4ZNQUcd66ZbD
AmDVMA0GCSqGSIb3DQEBCwUAA4ICAQCD8gPfIqhDhZwViGPqX3J0RyH8MLBzVM89
M9G1ZxroNWE3/lU/SneLWJ1JP09ev5C9230JPKtDp8lcpNy4wF+Ez3WhHgaXVcX9
RNiP6Ih14KlT5n07n2PU0MQtSAtNkF0vzdzc9CjL7rZ+U+L/oyU7UOEFFNBUlT28
MEG2H4dZDfLwtfAfm4C8Rq/Mn3sdvfBTScNJwWKP9ul4WC9G8I8ZskKW7WgZqVab
PVYzKt0LeypVkYyeiwdfeM4tXmmwEb8HcMKZjfyMl/zKlTNPfMgeamzZPSkdtSHr
C3FcHNMJm/ZQVdTglpIQcOpf9nm6Ci1MZ5kgxnABlFsna254uaVgyRvTtAg+oUmT
Ru7+qyt63emCHX+R/m5VTLC32HHKwqeSW/aN1z8S0H+AQz4QlqbcPsEFhRa9hZbn
z2xhrrRm4/uagH1T0wVcNgqZI57fFFcGpNDHl21xC0Vb5RQOoIj8ZtP/fQI5hIVf
cqj/uAT5ThPKCgPuGMxOSPa/NqpfH+DeBSGYZOpWOW/gxnxShPBZYTLIAMpJwK0x
jINsyi4bU5QpcUtlQluu7qvsjMQSYztv56JlSyIwIYS0iuJoyHwfm8G7SPTE7+3F
wAWokxBPzhkhKYQnaEtndPabw6E1Zi94j4mITIAGksrnoSmKi/VMkFwUZ2/E8xHF
RFTGzfsk7A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs43UJVis5iq6VmZ3v+PZ
S0R/X08vgjoIMKcOoF4hE8VBQeHZiuhe9Z4/HOZ+IpiOiB4IxF/De53nJBGoBopn
QhS4kQs0KOUjOk0EvBLKrYrVdmMnSTbDnN+zo2dvO9v9g7TNgTk02yoqA3l6hrWx
Sa1WIwz3L4XG11FXrL2tj0gAhJGDgQ9DBHUTTSRa95SpExJqwPzHhNGh1vxM1k/x
xX/BX23NFP4K32Rzt8Nm8RRAXGcANpjmN0ag1/E9ARBK/3SXvLW2U1u+Yfb3Oro8
rQyRWiVHaQFEtZYbQEyWKSkSg1hY5XjrMqM1MRyqFeLF3Zcm5ma3bDBBQ+vJ45kh
7wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 471598855827104455369793839180104103389786166520
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-21 10:07:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-30 08:56:24 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.zem.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22666594924997767217978877844098917636876831241055334300315787886694057594500738603494021310493924331721571144462625341212078612033422742661858416621506813129227999749878145241074118980439379471190747786083171552482192568040354032924766035051747014752392959495172853883823560299487488444599961345628879920881939065594359679349588163280100564758486260231239452255709724747200469827320253998073686285124933347755972911450816638638442647209277187998230000328440134240789524901005599166605972619880508205554371907823661693298985859716025961022825019783487688041321661375427364582190144227019601685691121854055220264903151
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.zem.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zem.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							74f43962bc7c8a63776bd06b4176528e98ccbfc7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (848 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (844 bytes)
							034a0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018499a8323e00000403004730450220151d5656310423816922878d1cf1a47bd7be30953af4c8843a40b49b7f6390c402210081f16b13a64f1efa6d9f0487271ff3ac85f9b62f1b4159eeff23b1f33e81faff0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000018499a83127000004030047304502201c75c9ccd17217f32769435166287bc0143538ce23a8d8afba2120c44b4d7211022100db6cb65db758384b61178ff5fb3c086f7064dcf34cf77ee3f0dea6ef7f75e3790076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018499a8324600000403004730450220279ee8d32d634f50b446fa0611f021b43078e792bd9ae65793214ee927fc5f3f02210087aab9f763408f45a6fc6d8a5b7da543024c4af1dc1b98d73951160d381babf9007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018499a831180000040300473045022100e7d57d3b66d54d84a2dcf6b67a5970760ef20de1ed7a10fe2a7d5d11fcb32ec3022027661f18e97fd00265f030f5237dce6602183f88c0e803ec28aab4c99b422deb007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000018499a833150000040300473045022009329327afa31e8748a29517b640e892a8da6973260197d07b53b6dd06036298022100fc2b601d30e307a99b2fede1abce1a3334737b8a875a28502624af305b0d08a7007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018499a8331500000403004830460221009eb6f547d07a3fa08e6b805fe72cfa3ae216ff04b3b630dce723b577809ddcf4022100c88560b7909f603a09a9276c18acbd4b33eabd06eb1449d6ab67d78935740f7b007700e87ea7660bc26cf6002ef5725d3fe0e331b9393bb92fbf58eb3b9049daf5435a0000018499a834500000040300483046022100ccf30c1f2fbb356224eb5e6c581982f3636a1cf023a973d105fb58416aabd321022100f706b52aece2bf711700be4427c0a700383b485de1935051c77ae996c30260d5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0083f203df22a843859c158863ea5f72744721fc30b07354cf3d33d1b5671ae8356137fe553f4a778b589d493f4f5ebf90bddb7d093cab43a7c95ca4dcb8c05f84cf75a11e069755c5fd44d88fe88875e0a953e67d3b9f63d4d0c42d480b4d905d2fcddcdcf428cbeeb67e53e2ffa3253b50e10514d054953dbc3041b61f87590df2f0b5f01f9b80bc46afcc9f7b1dbdf05349c349c1628ff6e978582f46f08f19b24296ed6819a9569b3d56332add0b7b2a55918c9e8b075f78ce2d5e69b011bf0770c2998dfc8c97fcca95334f7cc81e6a6cd93d291db521eb0b715c1cd3099bf65055d4e096921070ea5ff679ba0a2d4c679920c67001945b276b6e78b9a560c91bd3b4083ea1499346eefeab2b7adde9821d7f91fe6e554cb0b7d871cac2a7925bf68dd73f12d07f80433e1096a6dc3ec1058516bd8596e7cf6c61aeb466e3fb9a807d53d3055c360a99239edf145706a4d0c7976d710b455be5140ea088fc66d3ff7d023984855f72a8ffb804f94e13ca0a03ee18cc4e48f6bf36aa5f1fe0de05219864ea56396fe0c67c5284f0596132c800ca49c0ad318c836cca2e1b539429714b65425baeeeabec8cc412633b6fe7a2654b22302184b48ae268c87c1f9bc1bb48f4c4efedc5c005a893104fce1921298427684b6774f69bc3a135662f788f89884c800692cae7a1298a8bf54c905c14676fc4f311c54454c6cdfb24ec