*.sartorius.com
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 1a:5a:f6:85:2c:6f:1c:fd:14:5a:1e:5f:ac:89:d1:58:a1:3f:c5:24 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.sartorius.com
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 1a:5a:f6:85:2c:6f:1c:fd:14:5a:1e:5f:ac:89:d1:58:a1:3f:c5:24Serial Number (int): 150462302048244561942616995161630025130843292964
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: c3:f5:c5:af:01:20:6d:c3:54:f2:d2:78:6e:f4:f8:61:d7:ca:99:36
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): 17:93:e7:37:b4:4a:b4:53:70:bb:7f:dc:c3:cb:47:ff:a4:4a:26:bd
Fingerprint (sha256): 1d:0a:56:b9:95:3a:fd:25:34:aa:4a:33:84:2f:4d:47:37:14:3a:0b:51:49:f3:1c:6b:e0:1d:fe:f0:d9:95:ad
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate *.sartorius.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.sartorius.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sartorius.com
sartorius.com
sartorius.com
Other certificates including the domain name sartorius.com
(limited to 100 certificates)
cert00068-azurecdn.akamaized.net
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
eshop.sartorius.com
api-qa.sartorius.com
*.scp.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
eshop-qa.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
ir-berichte.sartorius.de
btconfigurator-dev2.sartorius.com
su-adp-presentation.sartorius.com
*.portal.sartorius.com
cert00068-azurecdn.akamaized.net
jira.sartorius.com
am.vpn.sartorius.com
cert00068-azurecdn.akamaized.net
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
www.sartorius.com
sfpi-test.sartorius.com
go.sartorius.com
bioprocess-sandbox.sartorius.com
configurator-presentation.sartorius.com
serviceshop.sartorius.de
login.sartorius.com
click.sartorius.com
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
eshop.sartorius.com
api-qa.sartorius.com
*.scp.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
eshop-qa.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
ir-berichte.sartorius.de
btconfigurator-dev2.sartorius.com
su-adp-presentation.sartorius.com
*.portal.sartorius.com
cert00068-azurecdn.akamaized.net
jira.sartorius.com
am.vpn.sartorius.com
cert00068-azurecdn.akamaized.net
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
www.sartorius.com
sfpi-test.sartorius.com
go.sartorius.com
bioprocess-sandbox.sartorius.com
configurator-presentation.sartorius.com
serviceshop.sartorius.de
login.sartorius.com
click.sartorius.com
Certificate
The complete raw certificate details for *.sartorius.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKNzCCCB+gAwIBAgIUGlr2hSxvHP0UWh5frInRWKE/xSQwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMDgyNDA2 NTI1M1oXDTIzMDgyNDA2NTI1M1owGjEYMBYGA1UEAwwPKi5zYXJ0b3JpdXMuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw9ccxzqQKigIxeDo9Vt 6sB9bNHS6hSqtEVxNkFP2rNF0WE3f0pejSMLaSYQQ6zHfaywhg5U6ugU/OjSjmFE w47c35xxD6O+PVTxL6+kAaHPKl//AHQbvWuHrGyURysWjM+W80OMU3PyE4BQ00M7 Og/JVuYzgFeI05LBGLjYU57idMdSH7lQmd9wHU6K88JosOvWMbpU4t1TrLc+dTWX BtYgpcdNP7MFrxCkpGB8poqZs89KviXihmffl3upUyG2N6j/+JG10q3GFgGUUp70 Y69C8hLDShsh/JIW4gBkBuT1H2vwVjRLWp+WlJLS/mkzW4IwzgXhyfsGBUYMQqtC uwIDAQABo4IGPTCCBjkwKQYDVR0RBCIwIIIPKi5zYXJ0b3JpdXMuY29tgg1zYXJ0 b3JpdXMuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwHQYDVR0OBBYEFMP1xa8BIG3DVPLSeG70+GHXypk2MB8GA1UdIwQY MBaAFDyeUnkDY29PnIEb0yhwDCRa6qWHMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0 dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMy ODcwMEMyNDVBRUFBNTg3MIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lz c3NpZ24ubmV0L0NOPTNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFF QUE1ODclMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9u TGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MG8GA1Ud IARoMGYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0 b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMAgGBgQAj3oB BjAIBgZngQwBAgEwgcYGCCsGAQUFBwEBBIG5MIG2MGQGCCsGAQUFBzAChlhodHRw Oi8vc3dpc3NzaWduLm5ldC9jZ2ktYmluL2F1dGhvcml0eS9kb3dubG9hZC8zQzlF NTI3OTAzNjM2RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3ME4GCCsGAQUFBzAB hkJodHRwOi8vb2NzcC5zd2lzc3NpZ24ubmV0LzNDOUU1Mjc5MDM2MzZGNEY5Qzgx MUJEMzI4NzAwQzI0NUFFQUE1ODcwggNfBgorBgEEAdZ5AgQCBIIDTwSCA0sDSQB2 AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABgs6gFw0AAAQDAEcw RQIhAJ3sRQ07lttlizUbMvCCsuUuN5coPn4ajN3Wyn5xxSslAiATJ3Vc1j5mNFYr w89IIBrNqr3+bUFwxQ8LL9S+xZ9cPwB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEA KQaNsgiaN9kTAAABgs6gFeEAAAQDAEgwRgIhAPRbAKRg50txrV/1dOtMJHnYeV8g wssL9MaDaMZ+zHXHAiEAxrdz47u61kAnQpHbVlHEAfiOpQ0PClgvcBF2vA2xgJAA dQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYLOoBXEAAAEAwBG MEQCIB6xS7ldv52EDbVFMeouX07OO2Q2FtJP9Hm+118hxXuPAiBg4gIVLorjBdYb lPZevpLsMRUUZNsQNcrCHA6CPdXkMQB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EM JMqFhjTr3IKKAAABgs6gFfwAAAQDAEcwRQIhAIBGucTKWnhVMGuIDfMjAnJgmkxi LD1FxxJhb28tGVU7AiBbbnWqQIlnKo/Mj67Lt+baAevcBEMRuxsa3h8ka1b+kgB2 ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABgs6gF1cAAAQDAEcw RQIhAMtq5kNderpdg25YBXUFz6Mr9kRHBk/y287nQquZ2quSAiBnWEqT4vxXv6S4 /USn41Tr7s7ve3O8HxDCckIx9C26jwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs 62nhd31tBr1uAAABgs6gF9gAAAQDAEcwRQIgIl/CBYMmGf/4DIUoU4fo3LrF8yEG whn0yXXdd1IlHFQCIQDfvRLBqbgJQ2eAEI1vDwYmkJTyGSTBe9Y5wNW/xeVz6AB3 AOh+p2YLwmz2AC71cl0/4OMxuTk7uS+/WOs7kEna9UNaAAABgs6gGJkAAAQDAEgw RgIhAN0Tx8tjTSZD8g13E5x5iRZGhpEGN08kTTSlIwbZoiFEAiEAvGmUCA61sPqr rLNb7RKTZ4NP6zGtnNeJbobfRL3Ak2wwDQYJKoZIhvcNAQELBQADggIBAEwNcLUe R3OULsAeL3dJi5gqVA2jW8kPTz/5cpv8PjzOJKO19tmeDPMFURrTpFAn7LCrr3TO ZRDqFtrZHHki46r+I2zR96CGh9SeJH8SEwu0165mnj9aHA3iwBicNmDTlkhOvDyC 1hCRgEsNlcz7tCGT4kyOZUUBC6r6rhXAAd6IrdjYaDWlCEEx8fyZOSkj/Q8Xj4au XgnBkOpk6ZqHTlorSyf2dqmBvdfE8+PdsOcjT4SUwhKmA10uezHSLNFZ9pGXs6ql HOWrUA5GL6YTtuORSpG/FhygKF7tovKDjorkcNAuE1q/dlwRVL5k1Eti6ahc+P9G HpFmfq4293URZzNCFcADt4aS0yA9kj/wxgKjeOXJENX6dI6/waGsdQKK0UVJiKlI FQc0VkSkZw2e0atsTZwcD7yr/jRSeiswJQa/F5G1x7vm23kqoholFS+O0NN54/8a e4hhq8dEeKzbfcADRNZOW28J7+/6JShOZiQ5ZBB00ilH+hbDm/OrQajGHWWb/9+6 HK82VxuEb/hgR+DefNXZ7RLIjtng+clebWmIZ0NUk8mandNsU7lh8Aw7tQTvN9Et 90zCwUKnIGS10Zv5VGh8s9RCF/57YwpmrmwnDJoFAQt7XQkhN0t5eAY/MnCA0agp XM3ft3bGJmQd/7gSbcMH2a95lqPqTDmSD6OD -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw9ccxzqQKigIxeDo9Vt 6sB9bNHS6hSqtEVxNkFP2rNF0WE3f0pejSMLaSYQQ6zHfaywhg5U6ugU/OjSjmFE w47c35xxD6O+PVTxL6+kAaHPKl//AHQbvWuHrGyURysWjM+W80OMU3PyE4BQ00M7 Og/JVuYzgFeI05LBGLjYU57idMdSH7lQmd9wHU6K88JosOvWMbpU4t1TrLc+dTWX BtYgpcdNP7MFrxCkpGB8poqZs89KviXihmffl3upUyG2N6j/+JG10q3GFgGUUp70 Y69C8hLDShsh/JIW4gBkBuT1H2vwVjRLWp+WlJLS/mkzW4IwzgXhyfsGBUYMQqtC uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 150462302048244561942616995161630025130843292964 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-24 06:52:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-24 06:52:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sartorius.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17554699246535772941606217919014205416393890547992146065235007200490084592418500697195764434107549724539251642418060379137321149499789754969288729464524600736819100127810270614007421836993101178611591392687967187031185862247355802662030971783762644784638781077875613924022846977227027657484842090852444088303278087905586893245748693967734550031393449257823436447484154977238283126969535098903054990717196616271279501403523774916468233001190157238540840449482306942072743388781782683037865795545634978848958361584683043428580984857311732847456500068303004221413932181986844629988909267268015102420646063788553092678331 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sartorius.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sartorius.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c3f5c5af01206dc354f2d2786ef4f861d7ca9936 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (847 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (843 bytes) 03490076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000182cea0170d00000403004730450221009dec450d3b96db658b351b32f082b2e52e3797283e7e1a8cddd6ca7e71c52b2502201327755cd63e6634562bc3cf48201acdaabdfe6d4170c50f0b2fd4bec59f5c3f0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000182cea015e10000040300483046022100f45b00a460e74b71ad5ff574eb4c2479d8795f20c2cb0bf4c68368c67ecc75c7022100c6b773e3bbbad640274291db5651c401f88ea50d0f0a582f701176bc0db180900075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000182cea015c4000004030046304402201eb14bb95dbf9d840db54531ea2e5f4ece3b643616d24ff479bed75f21c57b8f022060e202152e8ae305d61b94f65ebe92ec31151464db1035cac21c0e823dd5e431007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000182cea015fc00000403004730450221008046b9c4ca5a7855306b880df3230272609a4c622c3d45c712616f6f2d19553b02205b6e75aa4089672a8fcc8faecbb7e6da01ebdc044311bb1b1ade1f246b56fe92007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000182cea017570000040300473045022100cb6ae6435d7aba5d836e58057505cfa32bf64447064ff2dbcee742ab99daab92022067584a93e2fc57bfa4b8fd44a7e354ebeeceef7b73bc1f10c2724231f42dba8f007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000182cea017d800000403004730450220225fc205832619fff80c85285387e8dcbac5f32106c219f4c975dd7752251c54022100dfbd12c1a9b809436780108d6f0f06269094f21924c17bd639c0d5bfc5e573e8007700e87ea7660bc26cf6002ef5725d3fe0e331b9393bb92fbf58eb3b9049daf5435a00000182cea018990000040300483046022100dd13c7cb634d2643f20d77139c79891646869106374f244d34a52306d9a22144022100bc6994080eb5b0faabacb35bed129367834feb31ad9cd7896e86df44bdc0936c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 004c0d70b51e4773942ec01e2f77498b982a540da35bc90f4f3ff9729bfc3e3cce24a3b5f6d99e0cf305511ad3a45027ecb0abaf74ce6510ea16dad91c7922e3aafe236cd1f7a08687d49e247f12130bb4d7ae669e3f5a1c0de2c0189c3660d396484ebc3c82d61091804b0d95ccfbb42193e24c8e6545010baafaae15c001de88add8d86835a5084131f1fc99392923fd0f178f86ae5e09c190ea64e99a874e5a2b4b27f676a981bdd7c4f3e3ddb0e7234f8494c212a6035d2e7b31d22cd159f69197b3aaa51ce5ab500e462fa613b6e3914a91bf161ca0285eeda2f2838e8ae470d02e135abf765c1154be64d44b62e9a85cf8ff461e91667eae36f7751167334215c003b78692d3203d923ff0c602a378e5c910d5fa748ebfc1a1ac75028ad1454988a9481507345644a4670d9ed1ab6c4d9c1c0fbcabfe34527a2b302506bf1791b5c7bbe6db792aa21a25152f8ed0d379e3ff1a7b8861abc74478acdb7dc00344d64e5b6f09efeffa25284e662439641074d22947fa16c39bf3ab41a8c61d659bffdfba1caf36571b846ff86047e0de7cd5d9ed12c88ed9e0f9c95e6d698867435493c99a9dd36c53b961f00c3bb504ef37d12df74cc2c142a72064b5d19bf954687cb3d44217fe7b630a66ae6c270c9a05010b7b5d0921374b7978063f327080d1a8295ccddfb776c626641dffb8126dc307d9af7996a3ea4c39920fa383