surveys.snb.ch
- Swiss National Bank -
Issued by SwissSign RSA TLS OV ICA 2021 - 1
About this certificate
This digital certificate with serial number 14:1e:e8:fe:14:bb:da:63:12:57:ae:d2:4b:f7:33:73:32:3d:50:75 was issued on by SwissSign AG.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Swiss National Bank
Organization:
Swiss National Bank
State / Province:
ZH
Locality: Zurich
Country: CH
Locality: Zurich
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 14:1e:e8:fe:14:bb:da:63:12:57:ae:d2:4b:f7:33:73:32:3d:50:75Serial Number (int): 114869134282050024317303433041055982497809911925
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: b5:3c:99:47:84:11:a9:54:ef:12:c7:e7:76:5f:b7:9f:da:45:fa:d5
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d
Fingerprint (sha1): 3f:0a:32:17:83:02:21:19:41:ec:84:af:fb:18:88:1d:18:c1:17:4f
Fingerprint (sha256): 22:06:7d:d0:06:ec:55:63:c8:c0:4e:39:e7:e7:f1:8b:b4:b5:bd:80:d1:c7:10:ea:ec:4a:2a:91:38:00:2a:35
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D
Revocation information
OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3DCRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate surveys.snb.ch
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for surveys.snb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
surveys.snb.ch
surveys-p1.snb.ch
surveys-p2.snb.ch
surveys-p1.snb.ch
surveys-p2.snb.ch
Other certificates including the domain name snb.ch
(limited to 100 certificates)
remotemail.snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
Certificate
The complete raw certificate details for surveys.snb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKHDCCCASgAwIBAgIUFB7o/hS72mMSV67SS/czczI9UHUwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDYwMTA4 MjY0MFoXDTIzMDYwMTA4MjY0MFowYjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgTAlpI MQ8wDQYDVQQHEwZadXJpY2gxHDAaBgNVBAoTE1N3aXNzIE5hdGlvbmFsIEJhbmsx FzAVBgNVBAMTDnN1cnZleXMuc25iLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA4n6tgnP3ucty9FWCSlu2nYUVoQp5jUTDWXgIJNgAQQYa9WSDgmAm mZzv0Lz07LcugEtmlf7uwmOcWaKOsUPrjnJOLySqZYttktt4CI1gEQaikwZXdSAl +KKS5v7oHD4e7Z79tJeDWcC/4Gdl5Zhm4fwymQAj4J8xpisc5KNVqKRRhvTnNAIe 7BCbKxiIbSc5mNB943ilOHHlLKgt0R/UfUeEorbEYHcIrXqsrigGnIaI9qEympMv Cl7Jev1HovbUegQ5u4zH8NffvomfGAPcP9if04wUUp/wkGTf4laYC0pxw6qXhwMY TVkvJKVRl3tuvJQuTylLkG2GoyqnWbeLfQIDAQABo4IF2jCCBdYwPwYDVR0RBDgw NoIOc3VydmV5cy5zbmIuY2iCEXN1cnZleXMtcDEuc25iLmNoghFzdXJ2ZXlzLXAy LnNuYi5jaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMB0GA1UdDgQWBBS1PJlHhBGpVO8Sx+d2X7ef2kX61TAfBgNVHSMEGDAW gBSs0DrCwldVkWkRzHBqWTiKjKycPTCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRw Oi8vY3JsLnN3aXNzc2lnbi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1 OTM4OEE4Q0FDOUMzRDCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3Nz aWduLm5ldC9DTj1BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5 QzNEJTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxp c3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBvBgNVHSAE aDBmMFAGCGCFdAFZAgECMEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9y eS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbl9DUFNfVExTLnBkZjAIBgYEAI96AQcw CAYGZ4EMAQICMIHGBggrBgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDov L3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvQUNEMDNB QzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDBOBggrBgEFBQcwAYZC aHR0cDovL29jc3Auc3dpc3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1NTkxNjkxMUND NzA2QTU5Mzg4QThDQUM5QzNEMIIC5gYKKwYBBAHWeQIEAgSCAtYEggLSAtAAdgBV gdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAYEeX8H6AAAEAwBHMEUC IQCFQO1sFiIDTcCzlEEXL1FMSBMgnnNScwND9EFn8XkBhgIgV16dNX73g0bthJRr e9CZx5v333Kh+zyKApy/aw3rOq0AdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkG jbIImjfZEwAAAYEeX8BoAAAEAwBHMEUCIQCwpVZRa+py4pdOp3u5JEKiiWr0LcoI bMet7rlV5SHXtQIgRAurthTnhNXUhBpgFQ1/cEL4dF3s/JSGpBnQk4HA2FAAdQB6 MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYEeX8CsAAAEAwBGMEQC ICE1//qY/aA1ssctw+Wm8IqMrSfZt2eUbuOsE9iXkd37AiArat6xN9PaDMMnpl7Q niJSX7tw9gQozylS0W30Nk1yaAB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqF hjTr3IKKAAABgR5fwC4AAAQDAEcwRQIgW+97h7BMNskdeWl2/lhFf8DGYcd9sL2l 2PjY8IyryQ8CIQDt3Gk5npWRqGeUiy1GR+U6RhsVmV//HqLWFR23FKGjcgB3ALNz dwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABgR5fwhcAAAQDAEgwRgIh AIC/eahtwBmaykOOGSCUwW5f4DLXZQZUXVIy3cY7k6zGAiEAtbJOu8HDkpttZlCZ 6Fk2019taemo15Et9rO8JsMnWYgAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp 4Xd9bQa9bgAAAYEeX8BeAAAEAwBHMEUCIQDgEoBCGwoU2JiHUtsk4tgEdeKkHiMU RcvtdXDF10IfhAIgBteedgnuSITZYG9wh6qYQmjb0tWJUgm0Es2cYx71Fv8wDQYJ KoZIhvcNAQELBQADggIBAEbnxUgTzD8E19amO/UchayQRYeaWHisyWrzpWknjafR H9GzTKgLFVyx2KHqCJbfY2qz4N9dYGxnKM4xCH4atpfLrz2I94nasxL+JVbO3J23 rD49kuSq+J2ouSwj9gzCM2hkx0cUNz86KwjMzBSlfPV3DGH1ZfFxLrRifzVu2Eej cKmIyeNXXaWD2ujYd+29tiXpYRAusM2tsRcnBzo2juh5dv2OFD2TvXKohsKA4G35 RmIy/QmeTVtbMSaliO5ojFnNyqs7U03LGPyyizFhk4Aoz/aCw6/+2R/4WB2D0nNA 4Yan3ASnXKeNXlNJX8XtfBj/Yu2q3Kj4piXeGFikl49slcq3CkKsUHpl4WItuDbl DWwDQW0BmsWbRcdcS6JPJgU1tXe5SmdQ29FvueFUyYV/KalhEVR7s4W3RX47oOzi lFgPtonyQKeo+MAdCPLF3YpMAYphqEpnaZ0zvm58MZDKUon6dpOMbZoD/tZfi2hA VowseQDC7jyUrUf/Qmsh2nLfL/bbKKpof8p5L2BEuMyn4ibJcipp7qFTbrowbElE eY8/GHRLGl/rJPCUCwnBpE+5f5ORfWL+c1ZYVQsjlD72aYfmu+dY5Zg7T5OGtv2R +LSdY6b023TlR2bdW7zc03dEi1lbvfBZJ/fJudUr9HzRf5Mji/vPFjcF4A/kBxDO -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4n6tgnP3ucty9FWCSlu2 nYUVoQp5jUTDWXgIJNgAQQYa9WSDgmAmmZzv0Lz07LcugEtmlf7uwmOcWaKOsUPr jnJOLySqZYttktt4CI1gEQaikwZXdSAl+KKS5v7oHD4e7Z79tJeDWcC/4Gdl5Zhm 4fwymQAj4J8xpisc5KNVqKRRhvTnNAIe7BCbKxiIbSc5mNB943ilOHHlLKgt0R/U fUeEorbEYHcIrXqsrigGnIaI9qEympMvCl7Jev1HovbUegQ5u4zH8NffvomfGAPc P9if04wUUp/wkGTf4laYC0pxw6qXhwMYTVkvJKVRl3tuvJQuTylLkG2GoyqnWbeL fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 114869134282050024317303433041055982497809911925 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-01 08:26:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-01 08:26:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zurich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Swiss National Bank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'surveys.snb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28592324059788287365903089926298671783277907965151182183955395945317642646977834638992687818438178452577667816824760432272463920624983140163215883018491473738107649218043779738256926616371641857010672834096642225576728839403081051444742932258936619778744617543820754073926236530343622775453909265383010595199350887079982271336360761925055719666252229314658081693179197366756806188539499608583833380042934087729314677577875037026116613488642926488224670664095240912370856118892667126318739509940903210299681582534900006094669043653968851173379749417831651082082844571434483496389166332163963530202887075884967875021693 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surveys.snb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surveys-p1.snb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surveys-p2.snb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b53c99478411a954ef12c7e7765fb79fda45fad5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (726 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (722 bytes) 02d00076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001811e5fc1fa00000403004730450221008540ed6c1622034dc0b39441172f514c4813209e7352730343f44167f17901860220575e9d357ef78346ed84946b7bd099c79bf7df72a1fb3c8a029cbf6b0deb3aad0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001811e5fc0680000040300473045022100b0a556516bea72e2974ea77bb92442a2896af42dca086cc7adeeb955e521d7b50220440babb614e784d5d4841a60150d7f7042f8745decfc9486a419d09381c0d8500075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001811e5fc0ac000004030046304402202135fffa98fda035b2c72dc3e5a6f08a8cad27d9b767946ee3ac13d89791ddfb02202b6adeb137d3da0cc327a65ed09e22525fbb70f60428cf2952d16df4364d7268007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001811e5fc02e000004030047304502205bef7b87b04c36c91d796976fe58457fc0c661c77db0bda5d8f8d8f08cabc90f022100eddc69399e9591a867948b2d4647e53a461b15995fff1ea2d6151db714a1a372007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001811e5fc217000004030048304602210080bf79a86dc0199aca438e192094c16e5fe032d76506545d5232ddc63b93acc6022100b5b24ebbc1c3929b6d665099e85936d35f6d69e9a8d7912df6b3bc26c3275988007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001811e5fc05e0000040300473045022100e01280421b0a14d8988752db24e2d80475e2a41e231445cbed7570c5d7421f84022006d79e7609ee4884d9606f7087aa984268dbd2d5895209b412cd9c631ef516ff . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0046e7c54813cc3f04d7d6a63bf51c85ac9045879a5878acc96af3a569278da7d11fd1b34ca80b155cb1d8a1ea0896df636ab3e0df5d606c6728ce31087e1ab697cbaf3d88f789dab312fe2556cedc9db7ac3e3d92e4aaf89da8b92c23f60cc2336864c74714373f3a2b08cccc14a57cf5770c61f565f1712eb4627f356ed847a370a988c9e3575da583dae8d877edbdb625e961102eb0cdadb11727073a368ee87976fd8e143d93bd72a886c280e06df9466232fd099e4d5b5b3126a588ee688c59cdcaab3b534dcb18fcb28b3161938028cff682c3affed91ff8581d83d27340e186a7dc04a75ca78d5e53495fc5ed7c18ff62edaadca8f8a625de1858a4978f6c95cab70a42ac507a65e1622db836e50d6c03416d019ac59b45c75c4ba24f260535b577b94a6750dbd16fb9e154c9857f29a96111547bb385b7457e3ba0ece294580fb689f240a7a8f8c01d08f2c5dd8a4c018a61a84a67699d33be6e7c3190ca5289fa76938c6d9a03fed65f8b6840568c2c7900c2ee3c94ad47ff426b21da72df2ff6db28aa687fca792f6044b8cca7e226c9722a69eea1536eba306c4944798f3f18744b1a5feb24f0940b09c1a44fb97f93917d62fe735658550b23943ef66987e6bbe758e5983b4f9386b6fd91f8b49d63a6f4db74e54766dd5bbcdcd377448b595bbdf05927f7c9b9d52bf47cd17f93238bfbcf163705e00fe40710ce