sonroad18.empa.ch
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 66:c5:21:57:38:0b:c6:de:f3:97:d6:0a:46:e4:7d:67:95:0b:68:2c was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=sonroad18.empa.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 66:c5:21:57:38:0b:c6:de:f3:97:d6:0a:46:e4:7d:67:95:0b:68:2cSerial Number (int): 586713209812641751050990061082685872468210182188
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 19:43:ae:33:bf:ab:7b:80:06:d3:6a:94:6a:4f:c9:4b:22:29:87:8d
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): ac:20:0c:fc:3d:ac:a4:6f:08:de:0e:2e:51:93:d7:0f:7a:05:cc:af
Fingerprint (sha256): 18:70:1b:25:e9:f4:06:4d:f3:7e:fc:79:63:e2:13:9c:de:64:f2:77:32:70:00:8f:c4:76:8c:8b:ec:ad:f9:5c
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate sonroad18.empa.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sonroad18.empa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sonroad18.empa.ch
www.sonroad18.empa.ch
www.sonroad18.empa.ch
Other certificates including the domain name empa.ch
(limited to 100 certificates)
certest-win.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
Certificate
The complete raw certificate details for sonroad18.empa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKQTCCCCmgAwIBAgIUZsUhVzgLxt7zl9YKRuR9Z5ULaCwwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMDExNDA5 NTYyNVoXDTIzMDExNDA5NTYyNVowHDEaMBgGA1UEAxMRc29ucm9hZDE4LmVtcGEu Y2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGLguqD7cFb/V3mIj7 Q4FhvyBA5/QMH2/wyBcLHkrKdAltgePHCadmcV7BsAoE/Wal24YNIffBPFWGUW9X 78/j/3x9yIR/WYyP1Xp4V0HOPj47TEh3QkyXcQ2lTlQkUwQzzWygrhlY4C3UOiJE kiUrPitt379rgYaGHjes4tkRcTqG2I+GFH4UU2dPwuv0UA0Q6b6Gp3VbSLLlwtTh /+OSiQ/D9ZE9rLSo+OVa+X0Zl+/5bhzgVbU/AAQvHfakTqfsT/unzwj8ODI7mCR4 HCd2ExXLAzuwV7+spJ5at4HnUkW3ZfS3AT9hTtnrK5KGcM0PpjMBQ4E7JFdHQ6DE r2yVAgMBAAGjggZFMIIGQTAzBgNVHREELDAqghFzb25yb2FkMTguZW1wYS5jaIIV d3d3LnNvbnJvYWQxOC5lbXBhLmNoMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBlDrjO/q3uABtNqlGpPyUsi KYeNMB8GA1UdIwQYMBaAFDyeUnkDY29PnIEb0yhwDCRa6qWHMIH/BgNVHR8Egfcw gfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC8zQzlFNTI3OTAzNjM2 RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3MIGooIGloIGihoGfbGRhcDovL2Rp cmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPTNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJE MzI4NzAwQzI0NUFFQUE1ODclMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNh dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv blBvaW50MG8GA1UdIARoMGYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0 cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMu cGRmMAgGBgQAj3oBBjAIBgZngQwBAgEwgcYGCCsGAQUFBwEBBIG5MIG2MGQGCCsG AQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2ktYmluL2F1dGhvcml0eS9k b3dubG9hZC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3 ME4GCCsGAQUFBzABhkJodHRwOi8vb2NzcC5zd2lzc3NpZ24ubmV0LzNDOUU1Mjc5 MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODcwggNdBgorBgEEAdZ5AgQC BIIDTQSCA0kDRwB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAAB flgEV9cAAAQDAEcwRQIhAO1B0lnvEk4rCfrGO1q+K7edZr+RoS3cBcKk7z0yTt8i AiBz5F9ABysth2uiWtpN1RhWUPDM1Ks1XM0vwsmxsjlCUQB1AG9Tdqwx8DEZ2JkA pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABflgEV6EAAAQDAEYwRAIgBMd3ZWrJDPNh FPXc2WChjD6B+r0l/kGbG+i1JESKNE4CIEX6ZDsy2l4zDk2lHTefgjslP2AHZJ5w hL3gLrk0/GX/AHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAF+ WARWTwAABAMARzBFAiAujcp9YiICTSFLqFAcTvjf4A6b8BXFcGN45RwnzO4CoAIh AO8oPuxGRJe3HBeSWe9qQHyAoKP0rQuIcMgKHZ/zIvztAHUArfe++nz/EMiLnT2c Hj4YarRnKV3PsQwkyoWGNOvcgooAAAF+WARWrwAABAMARjBEAiBfS0HtuTAfXDOX fAVcXwCnh0bchcpIYHaODnOnqiPDhgIgYpmBEE1zuLDcLmI/0bqUbUtaqr3Gy6U6 YA0phpfOhhAAdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5Y BFf9AAAEAwBHMEUCIQD4E8okSlO5FzMxOHUJh1A9gUC+xmePre0h9VxlhrfkswIg TrzSs3Rm24vnTfEd+TuEuhCiIuwxH6S42d6fZwEQGykAdgDoPtDaPvUGNTLnVyi8 iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX5YBFiKAAAEAwBHMEUCIHStc+vGGMtPKuKo Kyql9Tcxpd9utuQZjbSBxeI053BHAiEA4WExqwnGBQ0jiDkzykHNSQV5iCHc2nU5 F204MYqI9JUAdwDofqdmC8Js9gAu9XJdP+DjMbk5O7kvv1jrO5BJ2vVDWgAAAX5Y BFpkAAAEAwBIMEYCIQDHPCjeBdgBqFSFOWoGqnC4yoRe1gzRS/8ubNGK/+zYNAIh ANn5kw8CPUl2nyiAsSIXivpYR1rEPDrDWLuONm9YlNTnMA0GCSqGSIb3DQEBCwUA A4ICAQA7WsL6J7Mo+2tO60rdnJ+RQ3nG0MJmp6aMphqj/iaa/HqkfJu/fcheWEwy IU1OtwF5uJZKO+IdILt3lTnGXJ/8j4JQWu0lC9eyU1XLXtmUPZUGHuz0PBRHQRb9 R4MjWuj4qZIPivdgCItm3CssnOoTxlLtqRgY2L0OY1P2kvwDK2btY99IJXuwQdnN lR/PG/F1qIgOJ6ZsthLO0yg0Szd7uzg8DWyrPhJBeumO/MbAYpyfd5MVwMwMEi1s YFDHFsqvdWaD1Y/k8VTruEjjDbWXCEHPOy9+haqt0BbpQ6vufsOeoVyGh0dfR423 nOy/jeVFWBNFbM2WmZ479LDfi2vgWX/k0NDm1/Tlop/0aVjeYI2xXfOwHM635s+j kabkJGbXs5IM2Z1feFMO8GpucNlZ+JZfKt7Yya0ez8dnIR1lCFTtCoCYhZJ5wTj2 G+UeU11x3eittUkQizuA1bdD+/a6KjNWNdSxLygRycAomvMI6GcvHTXXRoczcJEr eiFGetl4n4kcBI3OPe8TwxjHLKgA4sY0KNA33dERyyf0et+5MCJUXpqXZIvxSHnz vlQ+CNHxtw/rPIn6SZ6XXHOX6/Uvz7hSigZNlKgsXJlrjTAk6mVV1WXZUXnD6xp/ Xz9MPDEh1uMioCXmzjXOidSmBwes12c7+Ye84Yc57nt/4JvTsg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi4Lqg+3BW/1d5iI+0OB Yb8gQOf0DB9v8MgXCx5KynQJbYHjxwmnZnFewbAKBP1mpduGDSH3wTxVhlFvV+/P 4/98fciEf1mMj9V6eFdBzj4+O0xId0JMl3ENpU5UJFMEM81soK4ZWOAt1DoiRJIl Kz4rbd+/a4GGhh43rOLZEXE6htiPhhR+FFNnT8Lr9FANEOm+hqd1W0iy5cLU4f/j kokPw/WRPay0qPjlWvl9GZfv+W4c4FW1PwAELx32pE6n7E/7p88I/DgyO5gkeBwn dhMVywM7sFe/rKSeWreB51JFt2X0twE/YU7Z6yuShnDND6YzAUOBOyRXR0OgxK9s lQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 586713209812641751050990061082685872468210182188 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-14 09:56:25 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-14 09:56:25 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sonroad18.empa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25017890296991614389501164835233182785398325588472660987808619397537523100679065703258540017093481589075184790531741351758558762945228414698699863238544611698613054256821394300580073348463004214420585525803352929524726189439235255374758810411382607880688041520685081821114828214711490332599847269321424827509996378753500565981862352719824702573227474692445090643364440825747075357857683586751828089723453518788624279830552509679324445169443885986929187368577829895980073380026359209469088913351341210993070051259186896578684276297949338458063029672938342171542857248044293883103282804516038073195491026733353030085781 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonroad18.empa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonroad18.empa.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1943ae33bfab7b8006d36a946a4fc94b2229878d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (845 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (841 bytes) 03470076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017e580457d70000040300473045022100ed41d259ef124e2b09fac63b5abe2bb79d66bf91a12ddc05c2a4ef3d324edf22022073e45f40072b2d876ba25ada4dd5185650f0ccd4ab355ccd2fc2c9b1b23942510075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017e580457a10000040300463044022004c777656ac90cf36114f5dcd960a18c3e81fabd25fe419b1be8b524448a344e022045fa643b32da5e330e4da51d379f823b253f6007649e7084bde02eb934fc65ff0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017e5804564f000004030047304502202e8dca7d6222024d214ba8501c4ef8dfe00e9bf015c5706378e51c27ccee02a0022100ef283eec464497b71c179259ef6a407c80a0a3f4ad0b8870c80a1d9ff322fced007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017e580456af000004030046304402205f4b41edb9301f5c33977c055c5f00a78746dc85ca4860768e0e73a7aa23c3860220629981104d73b8b0dc2e623fd1ba946d4b5aaabdc6cba53a600d298697ce8610007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017e580457fd0000040300473045022100f813ca244a53b917333138750987503d8140bec6678faded21f55c6586b7e4b302204ebcd2b37466db8be74df11df93b84ba10a222ec311fa4b8d9de9f6701101b29007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017e5804588a0000040300473045022074ad73ebc618cb4f2ae2a82b2aa5f53731a5df6eb6e4198db481c5e234e77047022100e16131ab09c6050d23883933ca41cd4905798821dcda7539176d38318a88f495007700e87ea7660bc26cf6002ef5725d3fe0e331b9393bb92fbf58eb3b9049daf5435a0000017e58045a640000040300483046022100c73c28de05d801a85485396a06aa70b8ca845ed60cd14bff2e6cd18affecd834022100d9f9930f023d49769f2880b122178afa58475ac43c3ac358bb8e366f5894d4e7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 003b5ac2fa27b328fb6b4eeb4add9c9f914379c6d0c266a7a68ca61aa3fe269afc7aa47c9bbf7dc85e584c32214d4eb70179b8964a3be21d20bb779539c65c9ffc8f82505aed250bd7b25355cb5ed9943d95061eecf43c14474116fd4783235ae8f8a9920f8af760088b66dc2b2c9cea13c652eda91818d8bd0e6353f692fc032b66ed63df48257bb041d9cd951fcf1bf175a8880e27a66cb612ced328344b377bbb383c0d6cab3e12417ae98efcc6c0629c9f779315c0cc0c122d6c6050c716caaf756683d58fe4f154ebb848e30db5970841cf3b2f7e85aaadd016e943abee7ec39ea15c8687475f478db79cecbf8de5455813456ccd96999e3bf4b0df8b6be0597fe4d0d0e6d7f4e5a29ff46958de608db15df3b01cceb7e6cfa391a6e42466d7b3920cd99d5f78530ef06a6e70d959f8965f2aded8c9ad1ecfc767211d650854ed0a8098859279c138f61be51e535d71dde8adb549108b3b80d5b743fbf6ba2a335635d4b12f2811c9c0289af308e8672f1d35d746873370912b7a21467ad9789f891c048dce3def13c318c72ca800e2c63428d037ddd111cb27f47adfb93022545e9a97648bf14879f3be543e08d1f1b70feb3c89fa499e975c7397ebf52fcfb8528a064d94a82c5c996b8d3024ea6555d565d95179c3eb1a7f5f3f4c3c3121d6e322a025e6ce35ce89d4a60707acd7673bf987bce18739ee7b7fe09bd3b2