dex.sartorius.com
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 0c:25:05:32:fb:c4:48:eb:9f:fe:61:66:ce:41:21:ce:8e:5e:c8:0e was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=dex.sartorius.com
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:25:05:32:fb:c4:48:eb:9f:fe:61:66:ce:41:21:ce:8e:5e:c8:0eSerial Number (int): 69333469732435108323102962170083961297539352590
Serial Number lenght: 156 bits, 20 octets
SubjectKeyId: 58:46:ef:18:62:3a:56:16:20:a3:bc:39:ad:5e:71:22:98:0a:4a:20
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): fb:86:43:65:11:d5:d0:50:c1:27:81:17:b2:73:7c:e9:77:20:45:a9
Fingerprint (sha256): 25:e5:3a:a9:02:50:13:d0:3d:9f:cb:3d:e9:ec:75:7f:80:36:c9:38:e7:34:2d:94:9b:ef:9e:4b:7e:1e:02:49
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate dex.sartorius.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dex.sartorius.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dex.sartorius.com
Other certificates including the domain name sartorius.com
(limited to 100 certificates)
cert00068-azurecdn.akamaized.net
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
btconfigurator-dev.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-qa.sartorius.com
api-internal.sartorius.com
eshop.sartorius.com
api-qa.sartorius.com
owa.sartorius.com
de05bwinterfacetest.sartorius.com
*.scp.sartorius.com
open-access.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-test.sartorius.com
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
developerqa.sartorius.com
remote-access-dev.sartorius.com
eshop-qa.sartorius.com
sip-mobile.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
sce-experlogix.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
brm.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
gonsap68.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
config-data-downloads.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
dex.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
open-access.sartorius.com
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
delivery.wcms.qa.sartorius.com
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
developer.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
btconfigurator-dev.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-qa.sartorius.com
api-internal.sartorius.com
eshop.sartorius.com
api-qa.sartorius.com
owa.sartorius.com
de05bwinterfacetest.sartorius.com
*.scp.sartorius.com
open-access.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
dam-test.sartorius.com
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
developerqa.sartorius.com
remote-access-dev.sartorius.com
eshop-qa.sartorius.com
sip-mobile.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
sce-experlogix.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
brm.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
gonsap68.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
config-data-downloads.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
dex.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
open-access.sartorius.com
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
delivery.wcms.qa.sartorius.com
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
developer.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
Certificate
The complete raw certificate details for dex.sartorius.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGzCCBAOgAwIBAgIUDCUFMvvESOuf/mFmzkEhzo5eyA4wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDQyMzA2 Mzk1NVoXDTI1MDQyMzA2Mzk1NVowHDEaMBgGA1UEAxMRZGV4LnNhcnRvcml1cy5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLTpm9CvB30fKJ/5ee LXsUuftOX40/vzrERoVwm1HkFemtsITwMi/P38OuMx68obs2lVSB781O+QHneYjv ujj35WL/MAf2/6a293MAEDYCj50Q+Ug6f7nxH7TpfM3LEuyWR0Gw5+p8Ym5J0V++ cL9uEU/7eVOzgWIkEGQo+lbDznrojjhBDEqRy6z9xnBAUn6UNyxZoeNFZKYPCIjl qaYN/JbaIi0UWH9poWACU4VVNvKSMKrsvtIt28S8qcA7H6qLqevKTP/JdU6az1+q om0h34AUKgyLXO9zmWJOoorsqxMEyBqNlcjlk+QPAULQN+/czDVbuWTeJjJpAhoX h8QlAgMBAAGjggIfMIICGzCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKG QGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0xYjg2MzM4NS1mNGE5LTQ3ZmEt ODhhNS0yYTVhYmZkNGExNjcwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNz c2lnbi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3 M2VmZWMwbwYDVR0gBGgwZjAIBgZngQwBAgEwCAYGBACPegEGMFAGCGCFdAFZAgEB MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8v Y3JsLnN3aXNzc2lnbi5jaC9jZHAtNjc5NzIzYjItODY0MS00NjQyLTg1MDAtZjZk MmZmMzdlNmJhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B Af8EBAMCBaAwHAYDVR0RBBUwE4IRZGV4LnNhcnRvcml1cy5jb20wHQYDVR0OBBYE FFhG7xhiOlYWIKO8Oa1ecSKYCkogMB8GA1UdIwQYMBaAFOu9f0mTjMnu7KK69xzS Z/CDsereMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAe gr+Bj6B3nVBKVUt+N5226hva0UD68YCXXMktdoxx+wQ1jvBDhsP+c1PIbLmwCMWs Xz65dmPVrs1HnpefmjnaiVepevdjGC0sHpF2ecxHGGSJqcAZ4izKVog2YwCi0Rlu u5bmzb4PQZKjcHFUMn2EbwK3SIoDqkPmmPXH8kLzitTNdAr7WYECQP1lHHGms8aP kFgU8OYTtrAtFsHauQQy3V9zPL7IKgv/ltnysNFmTH/cdlAkP+h5fo7nm/pBo+LM t2Ni7H+ALVx6meK/R1Eg7M12iLla7OAh+Nb1MZE5YiN5ctQ0Wt15tbA1s5EQRPbS pPtktT9GoN8P6l2hfFRmbhykc2WuK3wUpkvxNN0KXt9lF198yKi+Zro5eoIFVd2U ZKUxAbP0O/3toPIBatNaXCZmggQjBW/vJQToIcO12UhIjZ6FbklRe8vgaV/Q3J6k sxiQVQWHmiXphvf/F5VJBzinSHxNVNWQ2U0+RzOXvAjhAKMT6fR8UQ0tL/FoJiJ+ gA25OxKTfRhIyEDILEqRrX5nt7CXRbJBJu8gkXX7boysZqUvsJ3hfz6q94yHfIm3 /4XDDkOfi91IkhufvMWg7/FDsOngcCt51xu47Ou31QtqJ6RjsrxiJiIbvM2ZrPN0 Bps9/BAgqVWiT3rKz4Q+Cc9CVtJplNW/m7UIISm+Yw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi06ZvQrwd9Hyif+Xni17 FLn7Tl+NP786xEaFcJtR5BXprbCE8DIvz9/DrjMevKG7NpVUge/NTvkB53mI77o4 9+Vi/zAH9v+mtvdzABA2Ao+dEPlIOn+58R+06XzNyxLslkdBsOfqfGJuSdFfvnC/ bhFP+3lTs4FiJBBkKPpWw8566I44QQxKkcus/cZwQFJ+lDcsWaHjRWSmDwiI5amm DfyW2iItFFh/aaFgAlOFVTbykjCq7L7SLdvEvKnAOx+qi6nrykz/yXVOms9fqqJt Id+AFCoMi1zvc5liTqKK7KsTBMgajZXI5ZPkDwFC0Dfv3Mw1W7lk3iYyaQIaF4fE JQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 69333469732435108323102962170083961297539352590 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-23 06:39:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-23 06:39:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dex.sartorius.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17585883761538671103348755180217298622410307802566656090828469444344357263017867312178501870704342532719978352683592290793606141429477474982450784278325003514376970965055466644333023739735570411156107303347893695978550327565479020149890887813287246820508424077281332484266046865606068045225401409666242429038391405749202995463369253131993350902166228406050368652535972351575664222187948801864094567904486313995005954736810164541471251065315613160729867055893397490796511748834012527447598935888167170603752192171999451112627337111239512241989865906526326412468410971748677956757643138873182970134871955469762585674789 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dex.sartorius.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5846ef18623a561620a3bc39ad5e7122980a4a20 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001e82bf818fa0779d504a554b7e379db6ea1bdad140faf180975cc92d768c71fb04358ef04386c3fe7353c86cb9b008c5ac5f3eb97663d5aecd479e979f9a39da8957a97af763182d2c1e917679cc47186489a9c019e22cca5688366300a2d1196ebb96e6cdbe0f4192a3707154327d846f02b7488a03aa43e698f5c7f242f38ad4cd740afb59810240fd651c71a6b3c68f905814f0e613b6b02d16c1dab90432dd5f733cbec82a0bff96d9f2b0d1664c7fdc7650243fe8797e8ee79bfa41a3e2ccb76362ec7f802d5c7a99e2bf475120eccd7688b95aece021f8d6f531913962237972d4345add79b5b035b3911044f6d2a4fb64b53f46a0df0fea5da17c54666e1ca47365ae2b7c14a64bf134dd0a5edf65175f7cc8a8be66ba397a820555dd9464a53101b3f43bfdeda0f2016ad35a5c2666820423056fef2504e821c3b5d948488d9e856e49517bcbe0695fd0dc9ea4b318905505879a25e986f7ff1795490738a7487c4d54d590d94d3e473397bc08e100a313e9f47c510d2d2ff16826227e800db93b12937d1848c840c82c4a91ad7e67b7b09745b24126ef209175fb6e8cac66a52fb09de17f3eaaf78c877c89b7ff85c30e439f8bdd48921b9fbcc5a0eff143b0e9e0702b79d71bb8ecebb7d50b6a27a463b2bc6226221bbccd99acf374069b3dfc1020a955a24f7acacf843e09cf4256d26994d5bf9bb5082129be63