twint-test.ukb.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 4e:ea:dd:1c:2e:7d:cb:5c:3c:bd:7a:7a:11:23:f4:57:5c:7e:32:2f was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=twint-test.ukb.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 4e:ea:dd:1c:2e:7d:cb:5c:3c:bd:7a:7a:11:23:f4:57:5c:7e:32:2fSerial Number (int): 450538915905610491056452103558514479169428927023
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 10:f4:08:93:fc:ad:21:93:60:8f:2a:0d:fb:b9:a5:6f:10:53:23:8f
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 91:d5:aa:08:45:e2:6f:72:d5:74:03:bd:37:da:21:36:4d:38:82:08
Fingerprint (sha256): 21:14:e8:29:ab:b3:6b:c0:3c:62:ee:6f:2c:76:b6:4b:a8:bd:ee:74:b5:e6:0a:b0:67:5e:4e:b5:19:6a:96:a6
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate twint-test.ukb.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for twint-test.ukb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
twint-test.ukb.ch
Other certificates including the domain name ukb.ch
(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
twint-test.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
twint.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
twint-test.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
twint.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
Certificate
The complete raw certificate details for twint-test.ukb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIeTCCBmGgAwIBAgIUTurdHC59y1w8vXp6ESP0V1x+Mi8wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDYxMTA4 NDQ1MVoXDTI1MDYxMTA4NDQ1MVowHDEaMBgGA1UEAxMRdHdpbnQtdGVzdC51a2Iu Y2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLZQ2bil3VsE+bLXET thEi15xZRZ2ePy9RESO1utAGevQICTuAGTdGEe3vhqIHn0lnh6mpyE/LMdqqHuir CFC60q2plFy2vgSK4Sdx+wbckIQefxzjfymD5IqC02leUEGZ+qAF6eu8HKYb58uu APGtSL/Ba0WECFjtJW1u//X7WTAy1n1NZYMsqC1qX54iQbHjmhu3ah0sHVKwu1UB zBIcUNewUkmo9AY53xgsdeTrLfi/6cSkLiY2WT3zs2uM0jIrnuEXrIfmVpj9Z/WZ MEihyACtz5iifCy4Peq067OI8TYXMJQY4lWm6IoaQy3RHxtW+oBhZob2y9Wh71Ka ruzhAgMBAAGjggR9MIIEeTCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKG QGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0xYjg2MzM4NS1mNGE5LTQ3ZmEt ODhhNS0yYTVhYmZkNGExNjcwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNz c2lnbi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3 M2VmZWMwbwYDVR0gBGgwZjAIBgZngQwBAgEwCAYGBACPegEGMFAGCGCFdAFZAgEB MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8v Y3JsLnN3aXNzc2lnbi5jaC9jZHAtNjc5NzIzYjItODY0MS00NjQyLTg1MDAtZjZk MmZmMzdlNmJhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B Af8EBAMCBaAwHAYDVR0RBBUwE4IRdHdpbnQtdGVzdC51a2IuY2gwHQYDVR0OBBYE FBD0CJP8rSGTYI8qDfu5pW8QUyOPMB8GA1UdIwQYMBaAFOu9f0mTjMnu7KK69xzS Z/CDsereMIICbwYKKwYBBAHWeQIEAgSCAl8EggJbAlkAdwAo4oE4/YMhRemp1qp1 N22Dd6iFErPAf3JBSCHcvemMZgAAAZAGeLZpAAAEAwBIMEYCIQDIk8QRfUrzsF1/ l01MjwtcF0KoxGNMyGeL85u0Ber2OQIhAL2vTOqSNB/eYzwZ8K8Q/OpwSZK35ruv gyMNZFtkGM9zAHUA4JKz/AwdyOdoNh/eYbmWTQpSeBmKctZyxLBNpW1vVAQAAAGQ Bni0PAAABAMARjBEAiA8Qj14XVLQ1tWTyeQ0g9aKNF+HGSnhMUbqM++0CmZWjAIg BV27W01Pc7U7j4xMOW8KMS09wz1wd9IBOdw1J0ALvSkAdgDPEVbu1S58r/OHW9lp LpvpGnFnSrAX7KwB0lt3zsw7CAAAAZAGeLMsAAAEAwBHMEUCIFp+CJULmmEOVp79 sq5DT7odnNTWpM646ehr6tSHV0+wAiEAqdTIZW/lNm4SLzyXuLwrNjwLlNC99ual bTi/0enPn/sAdwDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAZAG eLODAAAEAwBIMEYCIQDp7g/xdEVII/sOZHJt1TbKMK5pEpUkGyGlkjlsJiF43wIh APnehaWCp7Q0jEJs6VhrOTvUqZ/Kxo/IGBFH3BZBzswlAHYATnWjJ1yaEMM4W2zU 3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGQBnizYQAABAMARzBFAiAEhCuq9cSYOgjJ HUDRTArw/pZAVxrzHCMx1xWN39xVuAIhAJYEPTptygwUcYR5SashoZ9ej4rKRaec r8CqKWY7ERjGMA0GCSqGSIb3DQEBCwUAA4ICAQBBJN/7YG8yTXFsZ65Hl9F7lDga ScXevHQGVN8e/qrOj/MFSM+Y0/Unm+44cFtRV6qhiBrRlSj+vMCPsqzZr148IBAi cyV2UgA/C1wRToNGPK5Ie9jbF1U8mCCI3oaQqjjmJ4QOG7LctwAmnhgqGae3E6mK hUo63KXKj7jxFm3DMNFzMNFB9+vebI/VhEnyU7wkpJyBgI/0zg6C1VMIYwtgTGig GoGPiyFkGCiAHwHPyZrSJ81Z7SpTQ/54vWs8Y6h1tZiOE20qMDcD5SCFtwcrM7Qh Q9/34wqc7GUq+xmRex3EX6WmbUJWzrkXEm32fbI1Nc9vI+EAr+QuDquvktjwEztQ JUbAhxktbadjXS/2ZJcbC2tuYtLON6dtkcjP7h1R5BujKlD53KAIOkWTv+D/ADKJ x/B4mrlxMV7H2fmumK0m/YbSFFCf/BKJ+waH30JS722suGhswZmzGXN25LogBKIJ sbiK0RaDAtwnaG7gbkunjkUry7i8g8QrCc2YABCrMpK6BESDKTNqv+Qanynjw32R t9yVdJCYmTu3PuZCAyrFDsS0hXOpQgAGeRZ6Qcgjsmvvheuxd1G0d862FZxR5MzC mR7HqoiNyGeLzjZ6wB71m0V0w2JrVVRr1+g5UCcuwJTp8paSdaBKZe5HVVu4yGo6 rTJP7Y0dGM4rZSnW8A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2UNm4pd1bBPmy1xE7YR ItecWUWdnj8vUREjtbrQBnr0CAk7gBk3RhHt74aiB59JZ4epqchPyzHaqh7oqwhQ utKtqZRctr4EiuEncfsG3JCEHn8c438pg+SKgtNpXlBBmfqgBenrvBymG+fLrgDx rUi/wWtFhAhY7SVtbv/1+1kwMtZ9TWWDLKgtal+eIkGx45obt2odLB1SsLtVAcwS HFDXsFJJqPQGOd8YLHXk6y34v+nEpC4mNlk987NrjNIyK57hF6yH5laY/Wf1mTBI ocgArc+YonwsuD3qtOuziPE2FzCUGOJVpuiKGkMt0R8bVvqAYWaG9svVoe9Smq7s 4QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 450538915905610491056452103558514479169428927023 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-11 08:44:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-11 08:44:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'twint-test.ukb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25676207075880947614380484314267036924804964230137458276027783380169845945527950372510499595178325587769633283572095087171888402718806090919149968245107106956932822827612701975426292850516639415341991178929603458918076435663311715845299830004269276503563332088493015365066976835511055212706232476078596702841879152439978268315464943935026165066926848937343261843396260161470723494861237668052261723844136445864079321779897875864281284547839763657198313775611294463074657798155950472338578251914557264784633416308691275608910531173945312694865570249459694354593397264288759465219829506018726663855495694569625655110881 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twint-test.ukb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 10f40893fcad2193608f2a0dfbb9a56f1053238f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (607 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes) 025900770028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c66000001900678b6690000040300483046022100c893c4117d4af3b05d7f974d4c8f0b5c1742a8c4634cc8678bf39bb405eaf639022100bdaf4cea92341fde633c19f0af10fcea704992b7e6bbaf83230d645b6418cf73007500e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f5404000001900678b43c000004030046304402203c423d785d52d0d6d593c9e43483d68a345f871929e13146ea33efb40a66568c0220055dbb5b4d4f73b53b8f8c4c396f0a312d3dc33d7077d20139dc3527400bbd29007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b08000001900678b32c000004030047304502205a7e08950b9a610e569efdb2ae434fba1d9cd4d6a4ceb8e9e86bead487574fb0022100a9d4c8656fe5366e122f3c97b8bc2b363c0b94d0bdf6e6a56d38bfd1e9cf9ffb007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db0000001900678b3830000040300483046022100e9ee0ff174454823fb0e64726dd536ca30ae691295241b21a592396c262178df022100f9de85a582a7b4348c426ce9586b393bd4a99fcac68fc8181147dc1641cecc250076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df000001900678b3610000040300473045022004842baaf5c4983a08c91d40d14c0af0fe9640571af31c2331d7158ddfdc55b802210096043d3a6dca0c1471847949ab21a19f5e8f8aca45a79cafc0aa29663b1118c6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 004124dffb606f324d716c67ae4797d17b94381a49c5debc740654df1efeaace8ff30548cf98d3f5279bee38705b5157aaa1881ad19528febcc08fb2acd9af5e3c20102273257652003f0b5c114e83463cae487bd8db17553c982088de8690aa38e627840e1bb2dcb700269e182a19a7b713a98a854a3adca5ca8fb8f1166dc330d17330d141f7ebde6c8fd58449f253bc24a49c81808ff4ce0e82d55308630b604c68a01a818f8b21641828801f01cfc99ad227cd59ed2a5343fe78bd6b3c63a875b5988e136d2a303703e52085b7072b33b42143dff7e30a9cec652afb19917b1dc45fa5a66d4256ceb917126df67db23535cf6f23e100afe42e0eabaf92d8f0133b502546c087192d6da7635d2ff664971b0b6b6e62d2ce37a76d91c8cfee1d51e41ba32a50f9dca0083a4593bfe0ff003289c7f0789ab971315ec7d9f9ae98ad26fd86d214509ffc1289fb0687df4252ef6dacb8686cc199b3197376e4ba2004a209b1b88ad1168302dc27686ee06e4ba78e452bcbb8bc83c42b09cd980010ab3292ba04448329336abfe41a9f29e3c37d91b7dc95749098993bb73ee642032ac50ec4b48573a942000679167a41c823b26bef85ebb17751b477ceb6159c51e4ccc2991ec7aa888dc8678bce367ac01ef59b4574c3626b55546bd7e83950272ec094e9f2969275a04a65ee47555bb8c86a3aad324fed8d1d18ce2b6529d6f0