cucuserlabo000-ms.ceti.etat-ge.ch

- Republique et Canton de Geneve -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 7b:2e:1e:bb:86:17:88:4a:f3:20:d7:04:33:58:1e:05:8d:d3:ca:8d was issued on by SwissSign AG.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Republique et Canton de Geneve

Organization: Republique et Canton de Geneve
Organization unit: DGSI
State / Province: Geneve
Locality: Geneve
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 7b:2e:1e:bb:86:17:88:4a:f3:20:d7:04:33:58:1e:05:8d:d3:ca:8d
Serial Number (int): 703234376270083975776839115464130136897030965901
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 52:7b:c2:e2:87:41:9c:55:a2:d3:33:ec:a2:0b:f9:aa:3b:47:46:cc
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): 5c:dd:80:8e:b4:c9:ea:ec:9b:37:68:2d:2d:de:02:1c:06:5e:44:3a
Fingerprint (sha256): 1d:f1:c3:71:9b:52:40:99:95:3b:c1:68:93:87:81:73:b6:dd:9e:d2:ea:51:45:fa:11:d7:35:e5:bf:34:2d:e1

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate cucuserlabo000-ms.ceti.etat-ge.ch

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cucuserlabo000-ms.ceti.etat-ge.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cucuserlabo000-ms.ceti.etat-ge.ch
cucuserlabo001.ceti.etat-ge.ch
ceti.etat-ge.ch
cucuserlabo000.ceti.etat-ge.ch

Other certificates including the domain name etat-ge.ch

(limited to 100 certificates)
impuserlabo000-ms.ceti.etat-ge.ch
api.soca.lbdev.etat-ge.ch
vcscgv2-1.ceti.etat-ge.ch
uccxuser000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
*.devops.etat-ge.ch
jabbergsrv001.ceti.etat-ge.ch
pexip.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
impuser000-ms.ceti.etat-ge.ch
prod.etat-ge.ch
pccecuic000.ceti.etat-ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
vcsenhp-1.ge.ch
jabberguest.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
uccxuserlabo000-ms.ceti.etat-ge.ch
jabbergexpe002.ge.ch
vcscnhp-1.ceti.etat-ge.ch
pccefin001.ceti.etat-ge.ch
uccxuserlabo000-ms.ceti.etat-ge.ch
cucmsme000-ms.ceti.etat-ge.ch
cucuserlabo000-ms.ceti.etat-ge.ch
vcselabo-2.ge.ch
cucmlabo000.ceti.etat-ge.ch
annuaire.ge.ch
uccxuserlabo000-ms.ceti.etat-ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
cucmsme000-ms.ceti.etat-ge.ch
*.apps.soca.lbprod.etat-ge.ch
cucuserlabo000-ms.ceti.etat-ge.ch
pccefinlab000-ms.ceti.etat-ge.ch
jabbergsrv003.ceti.etat-ge.ch
vcselabo-1.ge.ch
cuacuser000.ad.etat-ge.ch
jabbergsrv003.ceti.etat-ge.ch
ldapedu.ge.ch
cuacuser000.ad.etat-ge.ch
participer-rec.ge.ch
ldapedu.ge.ch
participer-rec.ge.ch
ldapedu-rectech.ceti.etat-ge.ch
vcsegv2-1.ge.ch
vcselabo-2.ge.ch
pccecuiclab000.ceti.etat-ge.ch
vcselabo-1.ge.ch
impuser000-ms.ceti.etat-ge.ch
vcsclabo-1.ceti.etat-ge.ch
ldapedu.ge.ch
*.devops.etat-ge.ch
pexipadm000.ceti.etat-ge.ch
jabbergsrv001.ceti.etat-ge.ch
jabbergsrv002.ceti.etat-ge.ch
vcselabo-2.ge.ch
vcselabo-2.ge.ch
cucmlabo000.ceti.etat-ge.ch
cuacuserlab000.ad.etat-ge.ch
pccefinlab001.ceti.etat-ge.ch
cucuserlabo000-ms.ceti.etat-ge.ch
appconpol11.ceti.etat-ge.ch
vcselabo-1.ge.ch
pccefin000-ms.ceti.etat-ge.ch
*.apps.soca.lbdev.etat-ge.ch
pccefinlab000.ceti.etat-ge.ch
videogwlabo.ge.ch
jabbergexpc002.ceti.etat-ge.ch
jabbergexpc002.ceti.etat-ge.ch
contacts.ge.ch
cuacuserlab000.ad.etat-ge.ch
vcsegv2-1.ge.ch
jabbergexpc001.ceti.etat-ge.ch
cfircf5.dev.etat-ge.ch
mitest.b2b.ge.ch
pccecuiclab000-ms.ceti.etat-ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
vcselabo-2.ge.ch
oos.ge.ch
ldapedu.ge.ch
impuserlabo000-ms.ceti.etat-ge.ch
cucuser000-ms.ceti.etat-ge.ch
videogwlabo.ge.ch
jabbergsrv003.ceti.etat-ge.ch
jabbergexpe001.ge.ch
vcscgv2-1.ceti.etat-ge.ch
cucmsme000-ms.ceti.etat-ge.ch
cari.rec.etat-ge.ch
t-racine.t-admin2.t-ad.etat-ge.ch
*.devops.etat-ge.ch
vcselabo-2.ge.ch
jabbergsrv002.ceti.etat-ge.ch
vcsegv2-1.ge.ch
videogwlabo.ge.ch
jabberguest.ge.ch

Certificate

The complete raw certificate details for cucuserlabo000-ms.ceti.etat-ge.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJnDCCCISgAwIBAgIUey4eu4YXiErzINcEM1geBY3Tyo0wDQYJKoZIhvcNAQEL
BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE
AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTkwODIy
MTQzMDUwWhcNMjEwODIyMTQzMDUwWjCBkzELMAkGA1UEBhMCQ0gxDzANBgNVBAgT
BkdlbmV2ZTEPMA0GA1UEBxMGR2VuZXZlMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0
IENhbnRvbiBkZSBHZW5ldmUxDTALBgNVBAsTBERHU0kxKjAoBgNVBAMTIWN1Y3Vz
ZXJsYWJvMDAwLW1zLmNldGkuZXRhdC1nZS5jaDCCAiIwDQYJKoZIhvcNAQEBBQAD
ggIPADCCAgoCggIBALBhBqsChzpR0Tr4DihbX2mjSgV+TwCREm6DQASHhLYXrFys
YRp8hKzJ22PaA6Pqw9paJH8Z4slIIeOUY/8WDpZ55r6vMaeNKCFTHYiBDINWKK+k
P3JBD5mlFOQeogdw9bdT+ml4QqFn+z83mMzEamKIQFd3qEvJFN/A9A7RcHFHp4QN
5S+RRHLpRrUApIq1n1niBZhsdF2AwgC5Xjdd38a2MzS3TiCmnt6mkgqEbe0QZKP4
jLhl3UzhjSqdzpaHnr/g16YT7blzxAyKQSTaqhpqlx2aEQot3q/DPL/9LygCxdg6
cbrxBogscXOUedpS35VrU9+jWR2cz06eFWFWIcfnv+EgRX9pJE5hm0lpP/kxSuhF
KavRlXKjmQ7N65l2KpE9EHcvbHcomsUyR4Rv548N8HGmo0xiXOgeoomiaq/OyNZE
OnVWVXqLdIUowJRhyhbqBbBQRIGYk1tg/cS8k9fjFzr9iMJyzYKMkQn3mWUP5shm
bDlKTYNMn2g6L7DBwhjsscHSx5jKoub3AUfsv6ziwQzVFvV/4OH4172dS3/egtu4
MKMezCUMgUtQB8EYyFY+tJaQKr2YzJHQVVW3Q/jvH9KbWDOaYMcCHD6B9V9N6HfQ
hTVJUiP89XucZVWbqd7uJ3JBmbpHwKvYJ0SIXWfvzGL4VYgSYJaOdB55PzAFAgMB
AAGjggUmMIIFIjB9BgNVHREEdjB0giFjdWN1c2VybGFibzAwMC1tcy5jZXRpLmV0
YXQtZ2UuY2iCHmN1Y3VzZXJsYWJvMDAxLmNldGkuZXRhdC1nZS5jaIIPY2V0aS5l
dGF0LWdlLmNogh5jdWN1c2VybGFibzAwMC5jZXRpLmV0YXQtZ2UuY2gwDgYDVR0P
AQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
FgQUUnvC4odBnFWi0zPsogv5qjtHRswwHwYDVR0jBBgwFoAU5/Hn/S5TrRHlgRpX
pHOPEn2YyK4wgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3Np
Z24ubmV0L0U3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUw
gaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049RTdG
MUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4QzhBRSUyQ089U3dpc3NT
aWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0
Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwXwYDVR0gBFgwVjBUBglghXQBWQEC
AQswRzBFBggrBgEFBQcCARY5aHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv
bS9Td2lzc1NpZ24tR29sZC1DUC1DUFMucGRmMIHVBggrBgEFBQcBAQSByDCBxTBk
BggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3Jp
dHkvZG93bmxvYWQvRTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4
QzhBRTBdBggrBgEFBQcwAYZRaHR0cDovL2dvbGQtc2VydmVyLWcyLm9jc3Auc3dp
c3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThD
OEFFMIIB9QYKKwYBBAHWeQIEAgSCAeUEggHhAd8AdgBElGUusO7Or8RAB9io/ijA
2uaCvtjLMbU/0zOWtbaBqAAAAWy5vMi5AAAEAwBHMEUCIAasmLFP0BEFtjEmlQ++
PZBI/4+z1pvt1I2I/m0L3TpUAiEAxczYdMAVIEMBORoVUsR0RDAvF92DJS0fqxXd
d39VC7cAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWy5vMne
AAAEAwBGMEQCIGofwPSskwc1M7RHZKxXUCeStL0MxLqWCiv7m9NdwQNLAiA1b6tR
y7MUMY9r/IXD6YCyw7HOF3XWiL/dDXI3Z9QKhAB3ALvZ37wfinG1k5Qjl6qSe0c4
V5UKq1LoGpCWZDaOHtGFAAABbLm8yXAAAAQDAEgwRgIhANpl9TVEYb/sQ5CQWv2P
w4WsFh/cW6MGbpSpQ7Hj2J8oAiEA3yBByjjg2COhb6jr4FolY+5+ptZbdt5hBszV
ZnjhPqkAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWy5vMgH
AAAEAwBGMEQCIBkDb8ElFY5Qwg0bOftfbFOpYAX/YwEuGuLZuwcrntYKAiBKCY+p
ywpYpp1+k577GbiGijmzko+066NDgvUW8/WQWzANBgkqhkiG9w0BAQsFAAOCAQEA
G7yolZubAnr/4uiGwWSFyTJ5rkW45hq3wkBslkKsSRUQUouC1iZ7MQjSqCAhpJeX
lHNylnkmp2pUS0VT8xkXr1r+h9nI+48vCHNo93vt7ld2Pnme1MKDit5dv3OD/Vaj
kFh7l0VnbjGPWsLuMw83Hh8hpP6+H+xxPzyZ5xI4aYJOTtg/OVngyOZROqfjwfyt
GAxCHAHR6PWkErcF2Il2JobPgZiuGeGIgcb4MESk+hu7bbMZHJ8RPQD+qhtlLCEp
SQCODtsWZK9aNr2JNlXS6U2DYAgcuUuXSbm/2qPW7O7jUCluAj/v2MKpJGQpNQpA
3RFxkQkCLFGwEQCmYMcAZA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsGEGqwKHOlHROvgOKFtf
aaNKBX5PAJESboNABIeEthesXKxhGnyErMnbY9oDo+rD2lokfxniyUgh45Rj/xYO
lnnmvq8xp40oIVMdiIEMg1Yor6Q/ckEPmaUU5B6iB3D1t1P6aXhCoWf7PzeYzMRq
YohAV3eoS8kU38D0DtFwcUenhA3lL5FEculGtQCkirWfWeIFmGx0XYDCALleN13f
xrYzNLdOIKae3qaSCoRt7RBko/iMuGXdTOGNKp3Oloeev+DXphPtuXPEDIpBJNqq
GmqXHZoRCi3er8M8v/0vKALF2DpxuvEGiCxxc5R52lLflWtT36NZHZzPTp4VYVYh
x+e/4SBFf2kkTmGbSWk/+TFK6EUpq9GVcqOZDs3rmXYqkT0Qdy9sdyiaxTJHhG/n
jw3wcaajTGJc6B6iiaJqr87I1kQ6dVZVeot0hSjAlGHKFuoFsFBEgZiTW2D9xLyT
1+MXOv2IwnLNgoyRCfeZZQ/myGZsOUpNg0yfaDovsMHCGOyxwdLHmMqi5vcBR+y/
rOLBDNUW9X/g4fjXvZ1Lf96C27gwox7MJQyBS1AHwRjIVj60lpAqvZjMkdBVVbdD
+O8f0ptYM5pgxwIcPoH1X03od9CFNUlSI/z1e5xlVZup3u4nckGZukfAq9gnRIhd
Z+/MYvhViBJglo50Hnk/MAUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 703234376270083975776839115464130136897030965901
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-22 14:30:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-22 14:30:50 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DGSI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cucuserlabo000-ms.ceti.etat-ge.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 719563573693002554968341730886552454056114722201626225480307540435624572980383856157338570304374788830552257159911695126690676612379982495512531274449918647804566990335640465227777470005859102574550316919690543055296978565498902337856718660976617903711601606211856384293249494639790518369926074379055219545509441330354866816136631792495929329422337532207669044291632719385344909210378961370228874786491716839420593244601679670854740130856314814850027540530182710266248909097386704906133286576585178368765656448916219496452705430913490599285620748886395900745706216718400211762532293382942164184563428115103674531844377906124060934835160660024690038281157523357510006675628191368187091881829176493163008458871602219930301247415114323176635561182131847287646786090078724034479136405595558188373777674450253277664833000961323199789141438838678807832491977701404437655780971001520171917098753664852042046114400934953932713509002143090350161649895530765774151960025782340630916477564925222262074508943174241971285652766569449724251922121399081809723844624524601215201882159586518155271847249123448644549243934060306724283226326544414310571434244475869859986175206158119928839659275739722929098120888653315025037270208377968661345245016069
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucuserlabo000-ms.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucuserlabo001.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cucuserlabo000.ceti.etat-ge.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							527bc2e287419c55a2d333eca20bf9aa3b4746cc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes)
							01df0076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016cb9bcc8b90000040300473045022006ac98b14fd01105b63126950fbe3d9048ff8fb3d69bedd48d88fe6d0bdd3a54022100c5ccd874c015204301391a1552c47444302f17dd83252d1fab15dd777f550bb70075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016cb9bcc9de000004030046304402206a1fc0f4ac93073533b44764ac57502792b4bd0cc4ba960a2bfb9bd35dc1034b0220356fab51cbb314318f6bfc85c3e980b2c3b1ce1775d688bfdd0d723767d40a84007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016cb9bcc9700000040300483046022100da65f5354461bfec4390905afd8fc385ac161fdc5ba3066e94a943b1e3d89f28022100df2041ca38e0d823a16fa8ebe05a2563ee7ea6d65b76de6106ccd56678e13ea9007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016cb9bcc8070000040300463044022019036fc125158e50c20d1b39fb5f6c53a96005ff63012e1ae2d9bb072b9ed60a02204a098fa9cb0a58a69d7e939efb19b8868a39b3928fb4eba34382f516f3f5905b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001bbca8959b9b027affe2e886c16485c93279ae45b8e61ab7c2406c9642ac491510528b82d6267b3108d2a82021a49797947372967926a76a544b4553f31917af5afe87d9c8fb8f2f087368f77bedee57763e799ed4c2838ade5dbf7383fd56a390587b9745676e318f5ac2ee330f371e1f21a4febe1fec713f3c99e7123869824e4ed83f3959e0c8e6513aa7e3c1fcad180c421c01d1e8f5a412b705d889762686cf8198ae19e18881c6f83044a4fa1bbb6db3191c9f113d00feaa1b652c212949008e0edb1664af5a36bd893655d2e94d8360081cb94b9749b9bfdaa3d6eceee350296e023fefd8c2a9246429350a40dd11719109022c51b01100a660c70064