brm.sartorius.com
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 39:15:c8:4d:c5:6f:3b:ee:5b:3c:0b:a2:53:2b:21:f6:1c:90:e0:ef was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=brm.sartorius.com
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 39:15:c8:4d:c5:6f:3b:ee:5b:3c:0b:a2:53:2b:21:f6:1c:90:e0:efSerial Number (int): 325898238507492076596483275633556073166081679599
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 58:e2:c1:51:33:85:bd:1a:7e:82:c4:56:ca:70:76:a5:a1:9a:0e:8f
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 67:13:fd:ab:a1:f5:52:e1:f3:ba:05:8d:77:b0:ff:9d:f0:33:40:4b
Fingerprint (sha256): 1d:c3:b0:4d:a0:7a:63:d3:8b:ee:8e:00:59:29:f1:59:99:62:0e:c7:01:08:30:16:7e:cc:95:e8:3a:19:0e:06
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate brm.sartorius.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for brm.sartorius.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
brm.sartorius.com
Other certificates including the domain name sartorius.com
(limited to 100 certificates)
cert00068-azurecdn.akamaized.net
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
btconfigurator-dev.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-qa.sartorius.com
api-internal.sartorius.com
eshop.sartorius.com
api-qa.sartorius.com
owa.sartorius.com
de05bwinterfacetest.sartorius.com
*.scp.sartorius.com
open-access.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-test.sartorius.com
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
developerqa.sartorius.com
remote-access-dev.sartorius.com
eshop-qa.sartorius.com
sip-mobile.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
sce-experlogix.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
brm.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
gonsap68.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
config-data-downloads.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
dex.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
open-access.sartorius.com
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
delivery.wcms.qa.sartorius.com
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
developer.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
btconfigurator-dev.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-qa.sartorius.com
api-internal.sartorius.com
eshop.sartorius.com
api-qa.sartorius.com
owa.sartorius.com
de05bwinterfacetest.sartorius.com
*.scp.sartorius.com
open-access.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-test.sartorius.com
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
developerqa.sartorius.com
remote-access-dev.sartorius.com
eshop-qa.sartorius.com
sip-mobile.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
sce-experlogix.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
brm.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
gonsap68.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
config-data-downloads.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
dex.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
open-access.sartorius.com
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
delivery.wcms.qa.sartorius.com
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
developer.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
Certificate
The complete raw certificate details for brm.sartorius.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGzCCBAOgAwIBAgIUORXITcVvO+5bPAuiUysh9hyQ4O8wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDEyNTEz NDEyNFoXDTI1MDEyNTEzNDEyNFowHDEaMBgGA1UEAxMRYnJtLnNhcnRvcml1cy5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVA/6K8INTDMq6fC19 4HeJH3BAw099hvFOkgo/Bsfdk/n32L9m10e+BsNlHfZ8AXYeYDlch+KHTjv1UiyN Fuh5PH/nceZbRJ5SWIIZXPE657z89nzSdcia0OxAxsXVJyCwZbjrrah6duhzZejR iteeGcwFPuV4gn/Tlf4p6xrFarIwZwaImUr+YkDPiUfF51AK9SLdi1Do8We/6uVc oSZdiyfUwRdT9XavNzxkSj/i+HdQ4QXOpwJWljkAIpKHosLhg2VvDasKJSIUCRLJ ceiqLxfnpPX60sVYULlI6wKHQKqlUoxrhpgOwtsDuh/wHWpFtK23DOafqZ/Z0W7N mD07AgMBAAGjggIfMIICGzCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKG QGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0xYjg2MzM4NS1mNGE5LTQ3ZmEt ODhhNS0yYTVhYmZkNGExNjcwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNz c2lnbi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3 M2VmZWMwbwYDVR0gBGgwZjAIBgZngQwBAgEwCAYGBACPegEGMFAGCGCFdAFZAgEB MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8v Y3JsLnN3aXNzc2lnbi5jaC9jZHAtNjc5NzIzYjItODY0MS00NjQyLTg1MDAtZjZk MmZmMzdlNmJhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B Af8EBAMCBaAwHAYDVR0RBBUwE4IRYnJtLnNhcnRvcml1cy5jb20wHQYDVR0OBBYE FFjiwVEzhb0afoLEVspwdqWhmg6PMB8GA1UdIwQYMBaAFOu9f0mTjMnu7KK69xzS Z/CDsereMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQBp Xd6zN3pG6w+HjyASPRXH+WUHyMBNwWSTEAx+XDfTT8BYMt1GD60tykEWvgUjiX6L vKTQcGdTb1YhdtxVbN+r+q+r4IAPhPqbfuT61XxFEfbmE/CMnFyRgQH6b2xvyzQ2 vb8OG2rMcQXBBzRnxRC0AKjOL26VJA1IZPhv++78oj+y519/mWOprVFtGiGVGdcv B/RTWJFl/g7E+FXrHOHEYH7m/ZA/66dL4mf9lAvA8SP8FvAEKKVU2DQeyx2wCICj +BDI14RxfTsbWTiFxT4gURUjrzMNvSjKndewV5gVMxmj53H02LntCVEcSY4AiTrd JCLUSZRrfOMMlUEoWbzI0L5Lp12A12mY6eNxE1+waWDTMWhX70A2JD/svuk2iJe7 ygULapEjWWbfu4z6wmnFGZac8ZC7djBQvveHZ+e9eHOlAtonuGB4wNtiUK8VqzKD 6xZVwoJ/T4hJxNMeA4XXxxVljyYlUAQRhElbCz0sXCxPEVL9hZL7M6lrpeggnBYT wbLxWZAOo6rzXeqJwRFPFaZPB6Vy91F+bg9NiKehpGu2c5w4yHzJYdIXlvmQlU7Q 70MCM8BtmpRr5dKRr+SWtzsLkdgRwcZJQuOWM9kU24DyLAOlRlR3PxjYB8dd2oD6 eCHJdFMTgXZEoTAIkvc9dXveWnUJFvYoy+ODUqv+Qw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QP+ivCDUwzKunwtfeB3 iR9wQMNPfYbxTpIKPwbH3ZP599i/ZtdHvgbDZR32fAF2HmA5XIfih0479VIsjRbo eTx/53HmW0SeUliCGVzxOue8/PZ80nXImtDsQMbF1ScgsGW4662oenboc2Xo0YrX nhnMBT7leIJ/05X+KesaxWqyMGcGiJlK/mJAz4lHxedQCvUi3YtQ6PFnv+rlXKEm XYsn1MEXU/V2rzc8ZEo/4vh3UOEFzqcCVpY5ACKSh6LC4YNlbw2rCiUiFAkSyXHo qi8X56T1+tLFWFC5SOsCh0CqpVKMa4aYDsLbA7of8B1qRbSttwzmn6mf2dFuzZg9 OwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 325898238507492076596483275633556073166081679599 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 13:41:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-25 13:41:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'brm.sartorius.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26890728624233166578520554102509783060110899341639625328783961967094394740493392118674366000607900141222886143666088456236336825479225450243411817106514129644485431781850706959536598736785581858392786827593031985297733930663316841738169961258095946339174700362566967381437891506548892846695766381445488789551879526063450248281087927714197593642638033636669271702167886774890967852031342227836391771340817844667873337700850199422700295904625072991964112275311517359684759032236246161688665782052132325162844039000027838649471724211902835217216136653903091148090894261845818547674374920250079118456336783740444916333883 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brm.sartorius.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 58e2c1513385bd1a7e82c456ca7076a5a19a0e8f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00695ddeb3377a46eb0f878f20123d15c7f96507c8c04dc16493100c7e5c37d34fc05832dd460fad2dca4116be0523897e8bbca4d07067536f562176dc556cdfabfaafabe0800f84fa9b7ee4fad57c4511f6e613f08c9c5c918101fa6f6c6fcb3436bdbf0e1b6acc7105c1073467c510b400a8ce2f6e95240d4864f86ffbeefca23fb2e75f7f9963a9ad516d1a219519d72f07f453589165fe0ec4f855eb1ce1c4607ee6fd903feba74be267fd940bc0f123fc16f00428a554d8341ecb1db00880a3f810c8d784717d3b1b593885c53e20511523af330dbd28ca9dd7b05798153319a3e771f4d8b9ed09511c498e00893add2422d449946b7ce30c95412859bcc8d0be4ba75d80d76998e9e371135fb06960d3316857ef4036243fecbee9368897bbca050b6a91235966dfbb8cfac269c519969cf190bb763050bef78767e7bd7873a502da27b86078c0db6250af15ab3283eb1655c2827f4f8849c4d31e0385d7c715658f262550041184495b0b3d2c5c2c4f1152fd8592fb33a96ba5e8209c1613c1b2f159900ea3aaf35dea89c1114f15a64f07a572f7517e6e0f4d88a7a1a46bb6739c38c87cc961d21796f990954ed0ef430233c06d9a946be5d291afe496b73b0b91d811c1c64942e39633d914db80f22c03a54654773f18d807c75dda80fa7821c9745313817644a1300892f73d757bde5a750916f628cbe38352abfe43