*.kaufland.com
- Kaufland Stiftung & Co. KG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 3d:1f:93:1c:6e:3a:df:5f:7c:6c:80:e8:ad:d5:9b:67:8c:bf:73:dd was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Kaufland Stiftung & Co. KG
Organization:
Kaufland Stiftung & Co. KG
State / Province:
BW
Locality: Neckarsulm
Country: DE
Locality: Neckarsulm
Country: DE
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 3d:1f:93:1c:6e:3a:df:5f:7c:6c:80:e8:ad:d5:9b:67:8c:bf:73:ddSerial Number (int): 348952575301867666134803547660780639612154377181
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 88:0b:55:50:31:06:2b:8c:5b:ee:b8:23:bd:a5:c8:38:a9:38:3d:26
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): b1:b8:23:3c:9f:9d:ed:cd:f6:9c:ad:10:14:c7:dd:05:85:c0:9d:09
Fingerprint (sha256): 19:69:1d:7e:3f:ed:4b:e3:bf:60:80:aa:0f:6c:2e:14:d5:86:ff:3a:2c:cf:3d:1f:d1:25:38:b9:9b:1a:86:6a
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate *.kaufland.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.kaufland.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.kaufland.com
Other certificates including the domain name kaufland.com
(limited to 100 certificates)
iqpim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
media.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
ssl2.ipaper.io
mobsot02.kaufland.com
ssl.ipaper.io
pim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
at2-ssl-client-fi-hcm.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
portal.eu.kaufland.com
qs2-ssl-client-fi-hcm.kaufland.com
iapim.kaufland.com
kaufland-blumen.de
asset.kaufland.com
*.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
remote.au.kaufland.com
www-pc.kaufland.com
ssl3.ipaper.io
ssl2.ipaper.io
ssl2.ipaper.io
*.ipaper.io
media-q.kaufland.com
media.kaufland.com
se1-ucexe-p011.uc.schwarz
ssl.ipaper.io
ssl3.ipaper.io
ssl2.ipaper.io
*.ipaper.io
test-hr-portal.kaufland.com
portal.eu.kaufland.com
www-ac.kaufland.com
giftcard-q.kaufland.com
portal.eu.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
www-q.kaufland.com
connect-app.kaufland.com
ssl.ipaper.io
media.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
ssl2.ipaper.io
ssl.ipaper.io
*.leaflets.kaufland.com
media.kaufland.com
iqpim.kaufland.com
assets.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
*.ipaper.io
filex-test.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
jobs.kaufland.com
secmail.kaufland.com
account.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
*.ipaper.io
webassets.kaufland.com
account.kaufland.com
www-ec.kaufland.com
asset.kaufland.com
*.leaflets.kaufland.com
account-qs.kaufland.com
*.kaufland.com
www-fc.kaufland.com
kauf.land
*.ipaper.io
www-p.kaufland.com
kaufland.com
*.ipaper.io
ssl2.ipaper.io
dam.kaufland.com
se1-ucexe-p013.uc.schwarz
remote.cz.kaufland.com
www-q.kaufland.com
www-ac.kaufland.com
*.ipaper.io
mobsot.kaufland.com
*.ipaper.io
ssl.ipaper.io
eu.limo.remote.schwarz
jobs.kaufland.com
doa.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
www-q.kaufland.com
remote.eu.kaufland.com
ssl.ipaper.io
www-qc.kaufland.com
www-pc.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
media.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
ssl2.ipaper.io
mobsot02.kaufland.com
ssl.ipaper.io
pim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
at2-ssl-client-fi-hcm.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
portal.eu.kaufland.com
qs2-ssl-client-fi-hcm.kaufland.com
iapim.kaufland.com
kaufland-blumen.de
asset.kaufland.com
*.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
remote.au.kaufland.com
www-pc.kaufland.com
ssl3.ipaper.io
ssl2.ipaper.io
ssl2.ipaper.io
*.ipaper.io
media-q.kaufland.com
media.kaufland.com
se1-ucexe-p011.uc.schwarz
ssl.ipaper.io
ssl3.ipaper.io
ssl2.ipaper.io
*.ipaper.io
test-hr-portal.kaufland.com
portal.eu.kaufland.com
www-ac.kaufland.com
giftcard-q.kaufland.com
portal.eu.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
www-q.kaufland.com
connect-app.kaufland.com
ssl.ipaper.io
media.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
ssl2.ipaper.io
ssl.ipaper.io
*.leaflets.kaufland.com
media.kaufland.com
iqpim.kaufland.com
assets.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
*.ipaper.io
filex-test.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
jobs.kaufland.com
secmail.kaufland.com
account.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
*.ipaper.io
webassets.kaufland.com
account.kaufland.com
www-ec.kaufland.com
asset.kaufland.com
*.leaflets.kaufland.com
account-qs.kaufland.com
*.kaufland.com
www-fc.kaufland.com
kauf.land
*.ipaper.io
www-p.kaufland.com
kaufland.com
*.ipaper.io
ssl2.ipaper.io
dam.kaufland.com
se1-ucexe-p013.uc.schwarz
remote.cz.kaufland.com
www-q.kaufland.com
www-ac.kaufland.com
*.ipaper.io
mobsot.kaufland.com
*.ipaper.io
ssl.ipaper.io
eu.limo.remote.schwarz
jobs.kaufland.com
doa.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
www-q.kaufland.com
remote.eu.kaufland.com
ssl.ipaper.io
www-qc.kaufland.com
www-pc.kaufland.com
Certificate
The complete raw certificate details for *.kaufland.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGaTCCBFGgAwIBAgIUPR+THG463198bIDordWbZ4y/c90wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTIzMDkxNDE1 NDQyOVoXDTI0MDkxNDE1NDQyOVowbTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkJX MRMwEQYDVQQHDApOZWNrYXJzdWxtMSMwIQYDVQQKDBpLYXVmbGFuZCBTdGlmdHVu ZyAmIENvLiBLRzEXMBUGA1UEAwwOKi5rYXVmbGFuZC5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCvQqvj4S4N5kz4BTO3goJZQhCUsZLemoEo9qus gmME9nZQFgceIv29rtLVzelZi+l7Zwt4O9+SKVnH2OtMbd3ZXJwt+4sS6WHAU3LG hrI5aPGtEDcTtn45KI1YJ7UafM0JWZfZdFt0r75neMTzfFPzEctxjARDkMvV4/T7 4MSvNEAXAHIW7fgY43Vm4i3sMJx3Lh3QqgvCa1nDjLsmV5+M7uRuaU92C4mm3IyG EEVQYd2wiq1vxQdC9ZxxS5hu5XZdsoAeURBRJfejtY3c5VBhnm9eYEfWNIrkLT3J d4VmtDDWiZJRFn1WhwXfCke9qOKjPpKIfWBZry6b0VNJPiqpAgMBAAGjggIcMIIC GDCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKGQGh0dHA6Ly9haWEuc3dp c3NzaWduLmNoL2Fpci0wZjJiZjlhNS1kZDM3LTQ4YzktYTg1Yi0xMmFjZGNiOGJl NDUwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNzc2lnbi5jaC9zaWduL29j cy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3M2VmZWMwbwYDVR0gBGgw ZjAIBgZngQwBAgIwCAYGBACPegEHMFAGCGCFdAFZAgECMEQwQgYIKwYBBQUHAgEW Nmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbl9DUFNf VExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3JsLnN3aXNzc2lnbi5j aC9jZHAtOTZiNjJmNWEtNmI3My00ZGE0LTg3ZjctY2U0MDAyYzFjZDM0MB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCBaAwGQYDVR0R BBIwEIIOKi5rYXVmbGFuZC5jb20wHQYDVR0OBBYEFIgLVVAxBiuMW+64I72lyDip OD0mMB8GA1UdIwQYMBaAFHxvCm8TD9mMJG8mNPNca0NttyO2MBMGCisGAQQB1nkC BAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAS/lABViIKQv8o01FZkBElpZKd /jnHPk3zNVKqdzrGfuOm9BQauOlWEAglzdOVR186HrrQqJb/CALteq4EtuVt145r ib1jKDIVpIKVZX6ilrWE8wZrDZQe6HrhYun84CoBLZa6ub0X4cLHva35BhN/46ro X1fqKY3bKCs5+E3UhPRVQQ721CN0Z0JeCWwfUst8pUf50ENCkvrTb88hDDSG8SXU bFT9C/fTMixxIdKA5yg+emMJWvUd1dhSjhvyWxVfO1PKPo+gFjAgi5y0Bs8gcl70 g5gHxwWichvoPXPtTd6lW2k/Js8dApHu8cfDqtGGu1mFHH+JMokB+sp7V/vceCIp hcP367qmbyw6ByY7WCzyX53fcassX21TZDL/7TQJg+Ttpb0CCwBhVMyQ083iZABb 6wXkloDdj8WjBw6JLqXX28scqYEwz0AIe6JAenijTN7wgEHzuNJhMSXs0jN74U1+ KzDU+MO4EH/jCH2hFtcFgqLXwFb+1DbcS73O4nzDBFRZuBzh7rDyERcwpw/YTcML TjoSHjKdM1qeZ92ncJArfEqTGOcq73ciHtu+rI2J738/0d3jCRj/h/3teBptHcfY IDz7psXUeu/D3pd2Hae6uP1NY/a1DoN3TiUXql2lN6wtOJWn5Jujj47AXwU1PvkG h3Xj95ZwHEsbVh1evA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0Kr4+EuDeZM+AUzt4KC WUIQlLGS3pqBKParrIJjBPZ2UBYHHiL9va7S1c3pWYvpe2cLeDvfkilZx9jrTG3d 2VycLfuLEulhwFNyxoayOWjxrRA3E7Z+OSiNWCe1GnzNCVmX2XRbdK++Z3jE83xT 8xHLcYwEQ5DL1eP0++DErzRAFwByFu34GON1ZuIt7DCcdy4d0KoLwmtZw4y7Jlef jO7kbmlPdguJptyMhhBFUGHdsIqtb8UHQvWccUuYbuV2XbKAHlEQUSX3o7WN3OVQ YZ5vXmBH1jSK5C09yXeFZrQw1omSURZ9VocF3wpHvajioz6SiH1gWa8um9FTST4q qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 348952575301867666134803547660780639612154377181 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-14 15:44:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-14 15:44:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BW' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Neckarsulm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Kaufland Stiftung & Co. KG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.kaufland.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22124580284381289470565317162835946240194443631787779747363337427181390556872132943331693406809325804784148486700937185895295114010016312781275878963389766717426445428863693320114590742011679253402647142749101846032820071074872516998517096379699845312674293506215812837759224233609733910411551495918341538383425860769764024302908456782816676735681191192181053076214763845952659743970290757048010597844554423292555934292686415645451698472413804722343525601067195503111975666801198204347122209851879829370037260268001972000349293159217738668606678163264404889733221574103200930718685284697678113662212063276877932800681 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kaufland.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 880b555031062b8c5beeb823bda5c838a9383d26 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0012fe500156220a42ff28d35159901125a5929dfe39c73e4df33552aa773ac67ee3a6f4141ab8e956100825cdd395475f3a1ebad0a896ff0802ed7aae04b6e56dd78e6b89bd63283215a48295657ea296b584f3066b0d941ee87ae162e9fce02a012d96bab9bd17e1c2c7bdadf906137fe3aae85f57ea298ddb282b39f84dd484f455410ef6d4237467425e096c1f52cb7ca547f9d0434292fad36fcf210c3486f125d46c54fd0bf7d3322c7121d280e7283e7a63095af51dd5d8528e1bf25b155f3b53ca3e8fa01630208b9cb406cf20725ef4839807c705a2721be83d73ed4ddea55b693f26cf1d0291eef1c7c3aad186bb59851c7f89328901faca7b57fbdc78222985c3f7ebbaa66f2c3a07263b582cf25f9ddf71ab2c5f6d536432ffed340983e4eda5bd020b006154cc90d3cde264005beb05e49680dd8fc5a3070e892ea5d7dbcb1ca98130cf40087ba2407a78a34cdef08041f3b8d2613125ecd2337be14d7e2b30d4f8c3b8107fe3087da116d70582a2d7c056fed436dc4bbdcee27cc3045459b81ce1eeb0f2111730a70fd84dc30b4e3a121e329d335a9e67dda770902b7c4a9318e72aef77221edbbeac8d89ef7f3fd1dde30918ff87fded781a6d1dc7d8203cfba6c5d47aefc3de97761da7bab8fd4d63f6b50e83774e2517aa5da537ac2d3895a7e49ba38f8ec05f05353ef9068775e3f796701c4b1b561d5ebc