heu-ssl-client-eric.lidl.net
- Lidl Stiftung & Co. KG -
Issued by SwissSign RSA TLS OV ICA 2021 - 1
About this certificate
This digital certificate with serial number 34:15:ef:fa:fb:25:be:18:2b:b9:9c:39:6d:f9:92:47:e2:9e:79:df was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Lidl Stiftung & Co. KG
Organization:
Lidl Stiftung & Co. KG
State / Province:
Baden-Württemberg
Locality: Neckarsulm
Country: DE
Locality: Neckarsulm
Country: DE
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 34:15:ef:fa:fb:25:be:18:2b:b9:9c:39:6d:f9:92:47:e2:9e:79:dfSerial Number (int): 297356740972770416778272652013196230000247732703
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 56:4b:ad:f6:42:1c:cc:65:49:0c:98:37:6d:55:0f:5e:3b:5c:e9:5c
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d
Fingerprint (sha1): 43:2e:34:2f:f7:8f:c3:eb:c9:14:2a:9d:d6:b5:24:ec:60:fd:35:ca
Fingerprint (sha256): 17:b5:a2:43:50:de:96:42:b6:da:25:11:0e:d7:9c:c7:a8:29:bb:22:cf:95:1f:8f:ce:f5:ad:7e:67:ae:1e:48
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D
Revocation information
OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3DCRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate heu-ssl-client-eric.lidl.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for heu-ssl-client-eric.lidl.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
heu-ssl-client-eric.lidl.net
www.heu-ssl-client-eric.lidl.net
www.heu-ssl-client-eric.lidl.net
Other certificates including the domain name lidl.net
(limited to 100 certificates)
cms-esaint.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net
Certificate
The complete raw certificate details for heu-ssl-client-eric.lidl.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJ0zCCB7ugAwIBAgIUNBXv+vslvhgruZw5bfmSR+Keed8wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDUwMjA4 MjgzNFoXDTIzMDUwMjA4MjgzNFowgYcxCzAJBgNVBAYTAkRFMRswGQYDVQQIDBJC YWRlbi1Xw7xydHRlbWJlcmcxEzARBgNVBAcTCk5lY2thcnN1bG0xHzAdBgNVBAoM FkxpZGwgU3RpZnR1bmcgJiBDby4gS0cxJTAjBgNVBAMTHGhldS1zc2wtY2xpZW50 LWVyaWMubGlkbC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJ ESLBkdwsCEoB8PAVYMv2D+AItqRu89KHlH4H2Ync1CCA4xkBcDkcMBId98/bUQ+E +T0rI4frYiFHsKxLU2Dc4jj/e+50vX5G2UccYuhuB0wAtMuPVR+cYiTbr0neX6Dx d9nxu0PNAGArY3DWTMZifzW3l6FRVnRCrV0B2JpUBFm9wkO8n4UytLDI/xUnYUci i4FtqU9ROk8MsNPDjRCcxGNn2SCsZs8j2MZeS6qDeXGNS1oLT0e+G8AJmeve9GGi +lZz7Ov8pvRmuWoUBL29RkPnECmztoOQw2PUy142tx9PyhjaRb1egE6JmVzSc5Bm Tyf+4J+JK3NF+mE2V53hAgMBAAGjggVrMIIFZzBJBgNVHREEQjBAghxoZXUtc3Ns LWNsaWVudC1lcmljLmxpZGwubmV0giB3d3cuaGV1LXNzbC1jbGllbnQtZXJpYy5s aWRsLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMB0GA1UdDgQWBBRWS632QhzMZUkMmDdtVQ9eO1zpXDAfBgNVHSMEGDAW gBSs0DrCwldVkWkRzHBqWTiKjKycPTCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRw Oi8vY3JsLnN3aXNzc2lnbi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1 OTM4OEE4Q0FDOUMzRDCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3Nz aWduLm5ldC9DTj1BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5 QzNEJTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxp c3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBvBgNVHSAE aDBmMFAGCGCFdAFZAgECMEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9y eS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbl9DUFNfVExTLnBkZjAIBgYEAI96AQcw CAYGZ4EMAQICMIHGBggrBgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDov L3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvQUNEMDNB QzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDBOBggrBgEFBQcwAYZC aHR0cDovL29jc3Auc3dpc3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1NTkxNjkxMUND NzA2QTU5Mzg4QThDQUM5QzNEMIICbQYKKwYBBAHWeQIEAgSCAl0EggJZAlcAdQBV gdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAYCD4rilAAAEAwBGMEQC IGRotaLmvsixRVNUYq2dU62ICKfsZ6M6USFulysP+CUZAiAN4MznQcdIzUquoVFI JeCwBOvViFlvEmyY84Tx7qa7LAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaN sgiaN9kTAAABgIPit78AAAQDAEcwRQIgTHSlmor3Tk/2lMR9DJVeuJE12N+1dbqT aUB8J0Jf/xoCIQD1NVa1XxXGq9pUM5uYP0XPbbfuD59hlDTbj30mXai7kgB1AK33 vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABgIPitxUAAAQDAEYwRAIg VgCWXlck07uptHjTsA0DDV6jKu8C1Krkx8PesLD7gSQCIDkA4N8+MH7N5Yuk7Mx/ LUbGH6ehE5ihq7EjcxGD4YytAHcAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PAD Dnk2pZoAAAGAg+K4XgAABAMASDBGAiEAw1PoZQ0m6tUwq+ARaCZN3cY4OeKO7bRC yUu0K2MS4JQCIQDmgZ9vUJzZBra0TEFJFyhj1E1imK1jV+LKED72AE6l5AB2AOg+ 0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABgIPit04AAAQDAEcwRQIh ANtttyq/B0cE8JcXqGbxPhrov5kCRvNqaT8XPbVpa3qfAiBqAHGUfDv0gNcZJoNf WAvDWTaXzfBx/txFCZYEGSo/CjANBgkqhkiG9w0BAQsFAAOCAgEAmYUD5bj7KtX1 ltdkgqp6XRN+mj1g+ThpCZsEgTSG2qm+/6TPf+vr3kCPyude8uuI5Ch7pV0te/ke xM64vSGdCrdoIOqgevFWd4n65Gicop8h7UF6DEPncYwRLUVZmiAE+3GtvpcN9SgZ L7S3brqIeGHsAQmnkad2tOnqFqPgxgTqzB++HxqkeQrYQYP8e+b0ibLbySvL4m5Y +L27u4vWAZKkrpzMHvwnB2BCAXVrrFdBP1WPhdfSYUWRUlv/tXQOn7CIXJKFMU5S hR3tfQi5sXNE3qtyB7qaORN4e1bXrgYE1fDdet1xCJAHXmmXGiQYYbMxJaJclJfg sKhDyg9GiZx+dL4HnwGck240iGLvMYp8ZcWOJ+Y3C+dh06YcZx6lWwPkfGewhVJv dLOPUerenN7VdQvQFplsvJIBO3aJbxx8L/1IQQ+uZ6UIZureSh1n++oMQhy278ge MO4xVikvKuiCKA5DZwaPYKAfJVmj/9kdukyzQGbfwBYPyWkQ4KG06Cag6kBErGaj Im2jDrm1lQ6KHMMFZLN4fV+QlhcpawH9H8kyOw9dG/Q/0xemHdsQxwX9z/hVi/lx +/XOUM4bvyafEQ6HciGQ2WSuHP8QSO8CFyu3VU+N5OS0x1nsqDbzK7/nVN7BE3wk JKAwp3Tud9l291mRuHbibv5jBSB7e/0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiREiwZHcLAhKAfDwFWDL 9g/gCLakbvPSh5R+B9mJ3NQggOMZAXA5HDASHffP21EPhPk9KyOH62IhR7CsS1Ng 3OI4/3vudL1+RtlHHGLobgdMALTLj1UfnGIk269J3l+g8XfZ8btDzQBgK2Nw1kzG Yn81t5ehUVZ0Qq1dAdiaVARZvcJDvJ+FMrSwyP8VJ2FHIouBbalPUTpPDLDTw40Q nMRjZ9kgrGbPI9jGXkuqg3lxjUtaC09HvhvACZnr3vRhovpWc+zr/Kb0ZrlqFAS9 vUZD5xAps7aDkMNj1MteNrcfT8oY2kW9XoBOiZlc0nOQZk8n/uCfiStzRfphNled 4QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 297356740972770416778272652013196230000247732703 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-02 08:28:34 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-02 08:28:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Württemberg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Neckarsulm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Lidl Stiftung & Co. KG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'heu-ssl-client-eric.lidl.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17303097741568143860936871197911187024568584007213826400151120345542871465104133304124624942927622040187648893151144066220443010741269037877924172748932988548262717719429523028449865653918300909849721096013089470187731739086613119357110069290290723504704764219970755159002458830489234435800288723848236089238049227881390821852570614298400945561184558654603225485483467184995445389242573344687600743316170614388080678021961029603527066687422087879617538093551670498651033798166304355810077854136147210917730377880318826698952990689781928943529632546153119744399224326413102085133224722205742204291159872890952029281761 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heu-ssl-client-eric.lidl.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.heu-ssl-client-eric.lidl.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 564badf6421ccc65490c98376d550f5e3b5ce95c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes) 02570075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018083e2b8a5000004030046304402206468b5a2e6bec8b145535462ad9d53ad8808a7ec67a33a51216e972b0ff8251902200de0cce741c748cd4aaea1514825e0b004ebd588596f126c98f384f1eea6bb2c0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000018083e2b7bf000004030047304502204c74a59a8af74e4ff694c47d0c955eb89135d8dfb575ba9369407c27425fff1a022100f53556b55f15c6abda54339b983f45cf6db7ee0f9f619434db8f7d265da8bb92007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018083e2b715000004030046304402205600965e5724d3bba9b478d3b00d030d5ea32aef02d4aae4c7c3deb0b0fb812402203900e0df3e307ecde58ba4eccc7f2d46c61fa7a11398a1abb123731183e18cad007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000018083e2b85e0000040300483046022100c353e8650d26ead530abe01168264dddc63839e28eedb442c94bb42b6312e094022100e6819f6f509cd906b6b44c4149172863d44d6298ad6357e2ca103ef6004ea5e4007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018083e2b74e0000040300473045022100db6db72abf074704f09717a866f13e1ae8bf990246f36a693f173db5696b7a9f02206a0071947c3bf480d71926835f580bc3593697cdf071fedc45099604192a3f0a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00998503e5b8fb2ad5f596d76482aa7a5d137e9a3d60f93869099b04813486daa9beffa4cf7febebde408fcae75ef2eb88e4287ba55d2d7bf91ec4ceb8bd219d0ab76820eaa07af1567789fae4689ca29f21ed417a0c43e7718c112d45599a2004fb71adbe970df528192fb4b76eba887861ec0109a791a776b4e9ea16a3e0c604eacc1fbe1f1aa4790ad84183fc7be6f489b2dbc92bcbe26e58f8bdbbbb8bd60192a4ae9ccc1efc2707604201756bac57413f558f85d7d2614591525bffb5740e9fb0885c9285314e52851ded7d08b9b17344deab7207ba9a3913787b56d7ae0604d5f0dd7add710890075e69971a241861b33125a25c9497e0b0a843ca0f46899c7e74be079f019c936e348862ef318a7c65c58e27e6370be761d3a61c671ea55b03e47c67b085526f74b38f51eade9cded5750bd016996cbc92013b76896f1c7c2ffd48410fae67a50866eade4a1d67fbea0c421cb6efc81e30ee3156292f2ae882280e4367068f60a01f2559a3ffd91dba4cb34066dfc0160fc96910e0a1b4e826a0ea4044ac66a3226da30eb9b5950e8a1cc30564b3787d5f909617296b01fd1fc9323b0f5d1bf43fd317a61ddb10c705fdcff8558bf971fbf5ce50ce1bbf269f110e87722190d964ae1cff1048ef02172bb7554f8de4e4b4c759eca836f32bbfe754dec1137c2424a030a774ee77d976f75991b876e26efe6305207b7bfd