*.empa.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 17:a9:c0:4e:6e:a0:99:b0:34:6b:a8:e2:9e:8d:3d:3d:80:6f:f6:c7 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.empa.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 17:a9:c0:4e:6e:a0:99:b0:34:6b:a8:e2:9e:8d:3d:3d:80:6f:f6:c7Serial Number (int): 135092365915472466371593800276803774845671175879
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: a1:7c:38:c7:1c:a1:04:a4:7e:30:ad:66:65:ea:2e:8d:23:b5:41:cb
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 94:c7:2a:77:88:ad:25:5c:66:71:d9:eb:6d:90:13:f3:09:b2:06:f7
Fingerprint (sha256): 28:ce:54:a4:2f:5b:a4:45:31:82:b3:6b:30:fe:8c:9a:60:60:ed:3c:e6:27:a1:72:67:4e:8f:1f:4c:54:a6:35
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate *.empa.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.empa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.empa.ch
empa.ch
empa.ch
Other certificates including the domain name empa.ch
(limited to 100 certificates)
certest-win.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
www.nest.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sbc.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
www.nest.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sbc.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
Certificate
The complete raw certificate details for *.empa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIczCCBlugAwIBAgIUF6nATm6gmbA0a6jino09PYBv9scwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDQwMzE1 MTY0M1oXDTI1MDQwMzE1MTY0M1owFDESMBAGA1UEAwwJKi5lbXBhLmNoMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZa7lwvkFSOu8KcWoieXTkZN5gHM rEfc29kfjWrG5PJmNjgOprUo+89h73VdGtPRld0LhUkKp/k9LLiZ64SteotW3rOI SNwma+TA5NaX6R5sMM9NenaXg37d59xQhcmBk1oGB88DmzJuY4jYfKMVZVMKvMzw cCyczggJgVnSIoBFamomc5Rm3KKkFhJSZak8L0IiwgfxErV4SbQf1IjD6nZYRYe4 tDN4RPMhCsEKTyXS9SqKhV77RZkmseP7vu5kcPkfgYGILbScOTaLREl84yUmiRTX 6pypNzY0wGnRp8vWNl4JhYzZQnh/DAa2G9tjkrrxbybM6Tab1LvUY03ODQIDAQAB o4IEfzCCBHswgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRwOi8v YWlhLnN3aXNzc2lnbi5jaC9haXItMWI4NjMzODUtZjRhOS00N2ZhLTg4YTUtMmE1 YWJmZDRhMTY3MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24uY2gv c2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVjMG8G A1UdIARoMGYwCAYGZ4EMAQIBMAgGBgQAj3oBBjBQBghghXQBWQIBATBEMEIGCCsG AQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1Np Z25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lz c3NpZ24uY2gvY2RwLTY3OTcyM2IyLTg2NDEtNDY0Mi04NTAwLWY2ZDJmZjM3ZTZi YTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWg MB0GA1UdEQQWMBSCCSouZW1wYS5jaIIHZW1wYS5jaDAdBgNVHQ4EFgQUoXw4xxyh BKR+MK1mZeoujSO1QcswHwYDVR0jBBgwFoAU671/SZOMye7sorr3HNJn8IOx6t4w ggJwBgorBgEEAdZ5AgQCBIICYASCAlwCWgB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4 cCUIFy+jqh0HE9MMAAABjqSIq8YAAAQDAEgwRgIhAN7+OWu+x/3/4P6r41eW9Dkl RKBhiDkOxKCmYvcTDkkyAiEA9yHjumXhSIw8TjXZDRXVvNuKHzNkDIPSOIBjc7hs cgYAdwAo4oE4/YMhRemp1qp1N22Dd6iFErPAf3JBSCHcvemMZgAAAY6kiK62AAAE AwBIMEYCIQCa2SYNxuPR2OSI1VLVx9WEcnc1NPsdshsMvQ84U3KCtAIhAJn3/eBt 9iUSmc/3H6lnKBsCVVLkqYlNZsOnx08RtRFEAHYAzxFW7tUufK/zh1vZaS6b6Rpx Z0qwF+ysAdJbd87MOwgAAAGOpIiqNAAABAMARzBFAiEAqYzqj8T6FWKXmQhcJH0z wue0dPZupzXfFMQb2ATAAKACIE4DrklQ+AvuME3eD6aSCwIlISbz1I2U/VwO7WcP zzIpAHYAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGOpIiqvQAA BAMARzBFAiBHWAUJBrvLLh3ld5dB8EFZW9RsZoNzx9JZ08D6920T0AIhAJVO83eY EeQQs+egVRbldiGouV3kKGNNET8JP33nBTl0AHYATnWjJ1yaEMM4W2zU3z9S6x3w 4I4bjWnAsfpksWKaOd8AAAGOpIiqXQAABAMARzBFAiEA64nY0hmhnZZZdZNczMHO T0IMXx/1aT6y7uZATbLhCuwCIEvsjjOqzkG2H3tF8fqsXU94K2jg/+W5RBLzK5zT bYMlMA0GCSqGSIb3DQEBCwUAA4ICAQCYZr+jBWg19/sg4LAmEnhKDDExBKJCKNcq R0knR6ZyH/QGlwsEVHZz9TEzsQzfkRlLyu6tvjpAUewhhZo2+hq95VZTPA0cqyvK Pk77rFBGpEpd/Aou/sbcYInseuQ4Yl6udKSv39U3nT/tWZjqcV4Ngc31HKknLzIj kIlpy8/ODjA4MAW3Lod9Qbo2BOni/5A29dx5zyXUeJiueepGAgt9ocUlNfxNyGGa 2XKuZPufL5i+HRfKY6SiZP6bO+U9Fkdr6jtXntFF/d2k895AhQtjeT1DJpo6GZD+ cFA+D2fhsGUbGzhWtCgvfo0NJNcPP8kyT/sqdGFkkTd7yD+u0y3T1Y7hN8DZl9ml 7jL+fYx5q7HPXGJKvXL8p6MlMGmlwcOI3LUdIb4VrFAQTcqraKVmStSwtyo944k9 NwSk+SMxe/qeSi3N/L2Psryl/hdZWRng2wUGiNN0P7hRzrDFBpkUJ/P9uf0fZLQ6 2tgKT/yjLtM8Bj85eKQI3SUI6AY8NjbaMKGRq4Xny0tACKBy6Zl5l9UoxFAie/zp QlwQmBf1hUJJAJSO5Ohgb8mSgkyb4WPENspA0N0J5RHqeWXdoIHFz6dUmZis1fau GoK4tFElwpwQXSmEQw25qaQTVJsb8TCj6MsdkR0frioAnrqEIslJ8nmokjrB1pjj 5/jppVgkGQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZa7lwvkFSOu8KcWoieX TkZN5gHMrEfc29kfjWrG5PJmNjgOprUo+89h73VdGtPRld0LhUkKp/k9LLiZ64St eotW3rOISNwma+TA5NaX6R5sMM9NenaXg37d59xQhcmBk1oGB88DmzJuY4jYfKMV ZVMKvMzwcCyczggJgVnSIoBFamomc5Rm3KKkFhJSZak8L0IiwgfxErV4SbQf1IjD 6nZYRYe4tDN4RPMhCsEKTyXS9SqKhV77RZkmseP7vu5kcPkfgYGILbScOTaLREl8 4yUmiRTX6pypNzY0wGnRp8vWNl4JhYzZQnh/DAa2G9tjkrrxbybM6Tab1LvUY03O DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 135092365915472466371593800276803774845671175879 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 15:16:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-03 15:16:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.empa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21913555860042224924485449531666306671671173952678210072745474351996561983399153335004326791417049829949794534519607820230396673926108480264802871298222316038793254715409392565245307068913958542761848513659492529866107091136343989816670344236554470157272300523781607005596392620951667773034447269004952558208663390102447503279881347002488574976405923300309204531291067357563580443443308821417702537633909874546822861806947065615917934407296205292298150309052950197874657074349180579347439219325099526435064536296417686279109702709827473738954699106140045745873585689595020079722723130258475088222495388811304782122509 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.empa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'empa.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a17c38c71ca104a47e30ad6665ea2e8d23b541cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (608 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (604 bytes) 025a0077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018ea488abc60000040300483046022100defe396bbec7fdffe0feabe35796f4392544a06188390ec4a0a662f7130e4932022100f721e3ba65e1488c3c4e35d90d15d5bcdb8a1f33640c83d238806373b86c720600770028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018ea488aeb600000403004830460221009ad9260dc6e3d1d8e488d552d5c7d58472773534fb1db21b0cbd0f38537282b402210099f7fde06df6251299cff71fa967281b025552e4a9894d66c3a7c74f11b51144007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018ea488aa340000040300473045022100a98cea8fc4fa15629799085c247d33c2e7b474f66ea735df14c41bd804c000a002204e03ae4950f80bee304dde0fa6920b02252126f3d48d94fd5c0eed670fcf3229007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018ea488aabd000004030047304502204758050906bbcb2e1de5779741f041595bd46c668373c7d259d3c0faf76d13d0022100954ef3779811e410b3e7a05516e57621a8b95de428634d113f093f7de70539740076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ea488aa5d0000040300473045022100eb89d8d219a19d965975935cccc1ce4f420c5f1ff5693eb2eee6404db2e10aec02204bec8e33aace41b61f7b45f1faac5d4f782b68e0ffe5b94412f32b9cd36d8325 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 009866bfa3056835f7fb20e0b02612784a0c313104a24228d72a47492747a6721ff406970b04547673f53133b10cdf91194bcaeeadbe3a4051ec21859a36fa1abde556533c0d1cab2bca3e4efbac5046a44a5dfc0a2efec6dc6089ec7ae438625eae74a4afdfd5379d3fed5998ea715e0d81cdf51ca9272f3223908969cbcfce0e30383005b72e877d41ba3604e9e2ff9036f5dc79cf25d47898ae79ea46020b7da1c52535fc4dc8619ad972ae64fb9f2f98be1d17ca63a4a264fe9b3be53d16476bea3b579ed145fddda4f3de40850b63793d43269a3a1990fe70503e0f67e1b0651b1b3856b4282f7e8d0d24d70f3fc9324ffb2a74616491377bc83faed32dd3d58ee137c0d997d9a5ee32fe7d8c79abb1cf5c624abd72fca7a3253069a5c1c388dcb51d21be15ac50104dcaab68a5664ad4b0b72a3de3893d3704a4f923317bfa9e4a2dcdfcbd8fb2bca5fe17595919e0db050688d3743fb851ceb0c506991427f3fdb9fd1f64b43adad80a4ffca32ed33c063f3978a408dd2508e8063c3636da30a191ab85e7cb4b4008a072e9997997d528c450227bfce9425c109817f585424900948ee4e8606fc992824c9be163c436ca40d0dd09e511ea7965dda081c5cfa7549998acd5f6ae1a82b8b45125c29c105d2984430db9a9a413549b1bf130a3e8cb1d911d1fae2a009eba8422c949f279a8923ac1d698e3e7f8e9a5582419