*.ge.ch
- Republique et Canton de Geneve -
Issued by SwissSign Server Gold CA 2014 - G22
About this certificate
This digital certificate with serial number 7a:d3:a1:33:af:95:fe:3e:e6:3d:0d:81:b0:d0:45:58:6f:f5:c3:f4 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
Republique et Canton de Geneve
Organization unit: Direction Generale des Systemes d'Information
Locality: Geneve
Country: CH
SwissSign AG
This certificate has expire since
Certificate Details
Serial Number (hex): 7a:d3:a1:33:af:95:fe:3e:e6:3d:0d:81:b0:d0:45:58:6f:f5:c3:f4Serial Number (int): 701216373943227818016602063727342091107235644404
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: fa:cb:a3:0a:de:16:8d:32:c8:99:c9:85:7d:67:a3:e0:e5:62:87:4e
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae
Fingerprint (sha1): 99:10:bb:ae:ff:ac:4f:9a:6d:a1:38:f7:fc:9f:ea:d8:10:b3:01:7b
Fingerprint (sha256): 26:6d:11:85:00:20:01:7f:34:ba:1b:d3:62:06:f2:f1:87:40:80:80:fd:7b:a8:c2:c8:ff:b4:4c:75:4a:0c:2c
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
Revocation information
OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AECRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate *.ge.ch
2
0
0
Advanced Certificate Properties
Tehnical certificate details for *.ge.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Content Commitment
Key Encipherment
Data Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Client Authentication
IPSEC End System
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ge.ch
Other certificates including the domain name ge.ch
(limited to 100 certificates)
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch
Certificate
The complete raw certificate details for *.ge.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHWDCCBkCgAwIBAgIUetOhM6+V/j7mPQ2BsNBFWG/1w/QwDQYJKoZIhvcNAQEL BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTUxMTMw MTAxMjA2WhcNMTgxMTMwMTAxMjA2WjCBojELMAkGA1UEBhMCQ0gxDzANBgNVBAgT BkdlbmV2ZTEPMA0GA1UEBxMGR2VuZXZlMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0 IENhbnRvbiBkZSBHZW5ldmUxNjA0BgNVBAsTLURpcmVjdGlvbiBHZW5lcmFsZSBk ZXMgU3lzdGVtZXMgZCdJbmZvcm1hdGlvbjEQMA4GA1UEAwwHKi5nZS5jaDCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOXfd05M5asmHECXwa7SIdoyrYlA S/FOvJQDL0vu/CC+JtITIQUi1u7gILVCyMmNd+DWIUDqMuVGWtC111eHDpOFw4xg 9SXhTqcsCf7/gOq3j2uy6xCOChI5pWk1tUNmHC0wQ1JHyf5OoBQQ2jyk8AQCxOCC HIgvUnFuX3Fg2eWB0UIYK5aUKvFtypt0ygegxoOtP2XGnBs2hP+6HVybpa026puK keLW/o1iutS4NGe9lBXaiZQ1SuI7mqaxxP5xQPWtrNFyfSlYDXjilprGSNMpK0AO AaAe4ZPJWjj4JBLh/GsVPU0vFio1jPFB1k3YONxH12zu8QZq+pGwnTPaKwKPheS+ oTHe3OBxwhrJDDWTDSI3oaywfnD6wfGJRcfZWQcAW5gul5t9Dw/Uge5OJ4tzo3Je yBcdJYkbbhCFtr9u1ufS2xX+HB03XFn1vsYG4kujJXc6rbnBwokm71lhZ1oddNeh pqCF/HE0J7JMUx6SuM8udMW2swZd/t8frVXZndAmgxVrFncG10q22Qi84gPMqb+U NWhFY3d5+qO2w8NNyXxdiHoY/fZL+5JmfUCA9kR3S2mgmPL2NTVryg2ZckW1lurW RyiFvRkZg9QOp7LLtSQXaoW7zY3Xcxlnjb9tpS+xKAlzxFmJmrIAxet6Uj/2JYw0 CYvCPrrscpIgrLoTAgMBAAGjggLTMIICzzAZBgNVHREEEjAQggcqLmdlLmNoggVn ZS5jaDAOBgNVHQ8BAf8EBAMCA/gwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUF BwMCBggrBgEFBQcDBTAdBgNVHQ4EFgQU+sujCt4WjTLImcmFfWej4OVih04wHwYD VR0jBBgwFoAU5/Hn/S5TrRHlgRpXpHOPEn2YyK4wgf8GA1UdHwSB9zCB9DBHoEWg Q4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0L0U3RjFFN0ZEMkU1M0FEMTFFNTgx MUE1N0E0NzM4RjEyN0Q5OEM4QUUwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5 LnN3aXNzc2lnbi5uZXQvQ049RTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhG MTI3RDk4QzhBRSUyQ089U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9j YXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQw XwYDVR0gBFgwVjBUBglghXQBWQECAQYwRzBFBggrBgEFBQcCARY5aHR0cDovL3Jl cG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24tR29sZC1DUC1DUFMucGRm MIHVBggrBgEFBQcBAQSByDCBxTBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2ln bi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvRTdGMUU3RkQyRTUzQUQx MUU1ODExQTU3QTQ3MzhGMTI3RDk4QzhBRTBdBggrBgEFBQcwAYZRaHR0cDovL2dv bGQtc2VydmVyLWcyLm9jc3Auc3dpc3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDEx RTU4MTFBNTdBNDczOEYxMjdEOThDOEFFMA0GCSqGSIb3DQEBCwUAA4IBAQAhTxZ4 4apOI2meBWHyE2EpbQ2czW953AwP9yrckXW9oX+KfvNkQ3Oe0NUHLHvWXv2dwEa1 2L8QdSqTE8n7HVNDSOZD5k//krD6GW+nkzWul3pCQkd/V/5jEZEC6vaqvVMd/i8T Nj4wwdcZUEYE0JDAbjWVQnwRFdOdiQEAZTwUbPjN8Nbou4aY0iFs6JOqxLxJHOUL 3/ZDfQEv9fIEhKp/gqa/esUxxmUbE5zV/U7OXsXNW6AhVCzzEk+ofoGQNnQNUb9e IBYOyel1UkDAh8DlEEcoe4DhjgaLwcHSSBp/EVl8WKGhBI/b7FgrgkO1gk+Ovkgt UykTwgBO+5uUZrca -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5d93TkzlqyYcQJfBrtIh 2jKtiUBL8U68lAMvS+78IL4m0hMhBSLW7uAgtULIyY134NYhQOoy5UZa0LXXV4cO k4XDjGD1JeFOpywJ/v+A6rePa7LrEI4KEjmlaTW1Q2YcLTBDUkfJ/k6gFBDaPKTw BALE4IIciC9ScW5fcWDZ5YHRQhgrlpQq8W3Km3TKB6DGg60/ZcacGzaE/7odXJul rTbqm4qR4tb+jWK61Lg0Z72UFdqJlDVK4juaprHE/nFA9a2s0XJ9KVgNeOKWmsZI 0ykrQA4BoB7hk8laOPgkEuH8axU9TS8WKjWM8UHWTdg43EfXbO7xBmr6kbCdM9or Ao+F5L6hMd7c4HHCGskMNZMNIjehrLB+cPrB8YlFx9lZBwBbmC6Xm30PD9SB7k4n i3Ojcl7IFx0liRtuEIW2v27W59LbFf4cHTdcWfW+xgbiS6MldzqtucHCiSbvWWFn Wh1016GmoIX8cTQnskxTHpK4zy50xbazBl3+3x+tVdmd0CaDFWsWdwbXSrbZCLzi A8ypv5Q1aEVjd3n6o7bDw03JfF2Iehj99kv7kmZ9QID2RHdLaaCY8vY1NWvKDZly RbWW6tZHKIW9GRmD1A6nssu1JBdqhbvNjddzGWeNv22lL7EoCXPEWYmasgDF63pS P/YljDQJi8I+uuxykiCsuhMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 701216373943227818016602063727342091107235644404 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-30 10:12:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-30 10:12:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Direction Generale des Systemes d'Information' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ge.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 937799670867421142621001686212951388220242064503978470388380006325989498891320430816022617959973639652294683346284091254983081164571517884902406732668517399273781949185601493398797482622251788614252910161324380376706297095586765987295558251907533959794671288809635838192189197110153996116329696518330094938261549224040011214955195229744690417697456875718174440211725554702207377097730637313505447798053743702499980866323527766846257369069403300205210727313816156179670317287132569749180962797510313667958904231603846525936040270667322646962595671477695743878058288123594784093109834525808190876522089968166719103521748711255484190218924838642369222297802318795572623914178411518001679409406401344450870885760171032899974937424999724300489175741543202857008131622134909766513384975715303994804184589767800641278375887493767043202457939896491168031882045448350937991999893733375791538344747727625582599620099218209365678129612057334777646138283118905985316263586671175345029716622714628934478901565811004084485469693660890974721912265874401713308559219572047516581621523605999591803285208403985835486335456463604218268176061548066126221820992592422468737423987512074561236319206503943141150779548607402799455063003832107776207592667667 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ge.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ge.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03f8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.5 (ipsecEndSystem) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) facba30ade168d32c899c9857d67a3e0e562874e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00214f1678e1aa4e23699e0561f21361296d0d9ccd6f79dc0c0ff72adc9175bda17f8a7ef36443739ed0d5072c7bd65efd9dc046b5d8bf10752a9313c9fb1d534348e643e64fff92b0fa196fa79335ae977a4242477f57fe63119102eaf6aabd531dfe2f13363e30c1d719504604d090c06e3595427c1115d39d890100653c146cf8cdf0d6e8bb8698d2216ce893aac4bc491ce50bdff6437d012ff5f20484aa7f82a6bf7ac531c6651b139cd5fd4ece5ec5cd5ba021542cf3124fa87e819036740d51bf5e20160ec9e9755240c087c0e51047287b80e18e068bc1c1d2481a7f11597c58a1a1048fdbec582b8243b5824f8ebe482d532913c2004efb9b9466b71a