*.app4.ge.ch
- République et Canton de Genève -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 78:03:af:83:33:36:18:fb:f7:5d:0f:22:46:e3:b3:1d:9d:18:b4:30 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
République et Canton de Genève
Organization:
République et Canton de Genève
State / Province:
GE
Locality: Geneve
Country: CH
Locality: Geneve
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 78:03:af:83:33:36:18:fb:f7:5d:0f:22:46:e3:b3:1d:9d:18:b4:30Serial Number (int): 685161084029555978019549913300426902296594002992
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: ae:b7:81:0d:90:6c:fa:c3:57:0a:4b:d1:0d:e1:3a:ca:c8:c8:d9:a1
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 6e:2f:2b:90:e8:fd:30:56:12:0f:7e:3d:bd:62:3c:95:c1:7c:d6:7b
Fingerprint (sha256): 2e:1b:d3:76:64:93:71:92:36:74:43:4a:16:f1:7e:98:93:d3:88:30:b3:24:e8:e1:bc:54:d5:be:62:a6:bd:ee
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate *.app4.ge.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.app4.ge.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.app4.ge.ch
Other certificates including the domain name ge.ch
(limited to 100 certificates)
impuserlabo000-ms.ceti.etat-ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch
Certificate
The complete raw certificate details for *.app4.ge.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJSzCCBzOgAwIBAgIUeAOvgzM2GPv3XQ8iRuOzHZ0YtDAwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDExNTEw Mzc0NFoXDTI1MDExNTEwMzc0NFowbTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkdF MQ8wDQYDVQQHDAZHZW5ldmUxKTAnBgNVBAoMIFLDqXB1YmxpcXVlIGV0IENhbnRv biBkZSBHZW7DqHZlMRUwEwYDVQQDDAwqLmFwcDQuZ2UuY2gwggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQCoP5nLjrkYjyiTzqqq2r4khONeZHTslgbQ58kd 1XR5FB8mXWabGtfOQyVMkhJ0PW2CoZrD1YeQ0koLJYUBirtYIH4l8Ku8q5L49D0Y 8NAcj3dz2YZbHHXZ/bWTQZqunPXnyJx7Tg9MkdsBvYyF28OoLUsphjtbKY9GMxyN WBg9FBN6dPPq+oVcUS05iSH5IljnlY6JDPxjDlfQwB+eC5wmt/qEH5SGeWCWSYEB iitIJnnOLD1EpdOFbHCsxdcXAyqEeA/y5lyldgTEDXbY4d8pkMS0W/+ovy4HbKLP EuCEiOozzoDrQKM6XdF+vFTY/1QMtwCxlIChq6qTA9qARBjI5ovGCZetQ5nQhypd WgdLn6ylBXT1BZXCZ1eolg97zP+vgCy+bYwS7sHIcjh/ZX6EW8DqCK7Ylygo6jpJ p4uhrAVGULI3kIeJJo/Nl/1efeXMH2RNUPyKpaZpmiPY2Z6jtjj4p4Y0ZVGfyvxl 66gTKW3fOorkX6B8ylR8Mhis/DT/z7MWXD8q/iglvfn+UfyD68Xi6tnf+CZBcNf7 jMKarVGXvO6h+a+dJPbjXl6MJ8jZeDVgDQh8mUjvUhxtQcsLOavh9koM5eO+cUSV lrQL+EUkaKCykUg4wKLt2Q1Ky2Nk3F3o8Vaga3UMrqdAkRwMt7ZJB953ElYsq+ep hw410QIDAQABo4ID/jCCA/owgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAC hkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5YTUtZGQzNy00OGM5 LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lz c3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFi NzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oBBzBQBghghXQBWQIB AjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv bS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDov L2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNl NDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P AQH/BAQDAgWgMBcGA1UdEQQQMA6CDCouYXBwNC5nZS5jaDAdBgNVHQ4EFgQUrreB DZBs+sNXCkvRDeE6ysjI2aEwHwYDVR0jBBgwFoAUfG8KbxMP2YwkbyY081xrQ223 I7YwggH1BgorBgEEAdZ5AgQCBIIB5QSCAeEB3wB2AFWB1MIWkDYBSuoLm1c8U/DA 5Dh4cCUIFy+jqh0HE9MMAAABjQyy3TsAAAQDAEcwRQIgQ0t7EjeOsA6YS5zXscY/ EvQvPF2paIs722VkAErPjBYCIQCvrXDJ+PRmzvK04PcW4uqs5Yy+wJ7NtVMQ+heK fnVELAB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjQyzAyIA AAQDAEcwRQIgK5iUl7smGrlc5RKa6W8JZdzdEKey8tz921qgfcDLszgCIQDd2oqM AHbHfAQGJxQfxVsNKB3rCwSJS1aCuyfpGf68RAB2AMz7D2qFcQll/pWbU87psnwi 6YVcDZeNtql+VMD+TA2wAAABjQyzBiMAAAQDAEcwRQIgHz0rxEHlxfJJnuC+swiC Scfyj1NKO2GSGVndesE3hdMCIQCcRpTAGQQYu+wHBJiIFXP0m8VM8lBi+z3RphFE k4NzJgB1AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjQyzCRMA AAQDAEYwRAIgdofqZ+Dp/30nbOjIW+h4XIbqvG2UIMd08hXb6wJ3kVQCIF/cRCPa oR7dOc887sHlcU2//iS1ruhKaZrfL4Ps4qu1MA0GCSqGSIb3DQEBCwUAA4ICAQCE AgLOYsG8r+NfNG5BA05JKX51wghjXnnN+Y+a95Zn48naKb/NwxOK1N3ksbWkT5OQ lmddNtt7b8D0pm+aqLejMIve0CiuKrcbaPaJ12tA/AzkqCEGAS4K8yybk+jmqmdv KMoZbiJbh9NX3sbG3HF+faaUWvlJdYBdVgZIs/beTuH7adwZDqjhNX/G77jcCXdw 5TpzqTXkRkbeE9DMR19FRpO7D3b1HroFMvJ/lJ0GwCw8WH9QRZ7zmtM4pdn5DWkq y33pBuoiENKbH6+HfAbCEF5/wJxQQOqptrT5hdWyILvVKyWSiUeL50J37x3tLebI 20MzI8NOzok+y5z7cUMueZQviP7/ldq9DVDmV70w6BKxdACMYybIDuY89T/2SOKw SGaRs4T6naKcAqpNckA3nzO6gEsHsaf+MqW2MQeJN8EiIOT73JoQdgDOypXJgXu1 9AtYVXy+LdwFovdCjCKhi4kn5ljfK/4lTbI2hqTZLaep91VdavuZ6riIWIfvRWT+ yG+4R3yZBFX1/kz5FJwWxI8iwLUGGBniAfZaYsFE9U2EyoD3SEpiwMWEw5YwRRQT ytMwxvBw49kJbXx8mCVwTPyl8OhVROC2ZzEsRL5XK0Xouv8WJUT5uLB5AoT8BSBK PDk7ZLXMTuZS4J5BYUANrgEKAVeUNtVAEppEBb/URQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqD+Zy465GI8ok86qqtq+ JITjXmR07JYG0OfJHdV0eRQfJl1mmxrXzkMlTJISdD1tgqGaw9WHkNJKCyWFAYq7 WCB+JfCrvKuS+PQ9GPDQHI93c9mGWxx12f21k0Garpz158ice04PTJHbAb2MhdvD qC1LKYY7WymPRjMcjVgYPRQTenTz6vqFXFEtOYkh+SJY55WOiQz8Yw5X0MAfnguc Jrf6hB+UhnlglkmBAYorSCZ5ziw9RKXThWxwrMXXFwMqhHgP8uZcpXYExA122OHf KZDEtFv/qL8uB2yizxLghIjqM86A60CjOl3RfrxU2P9UDLcAsZSAoauqkwPagEQY yOaLxgmXrUOZ0IcqXVoHS5+spQV09QWVwmdXqJYPe8z/r4Asvm2MEu7ByHI4f2V+ hFvA6giu2JcoKOo6SaeLoawFRlCyN5CHiSaPzZf9Xn3lzB9kTVD8iqWmaZoj2Nme o7Y4+KeGNGVRn8r8ZeuoEylt3zqK5F+gfMpUfDIYrPw0/8+zFlw/Kv4oJb35/lH8 g+vF4urZ3/gmQXDX+4zCmq1Rl7zuofmvnST2415ejCfI2Xg1YA0IfJlI71IcbUHL Czmr4fZKDOXjvnFElZa0C/hFJGigspFIOMCi7dkNSstjZNxd6PFWoGt1DK6nQJEc DLe2SQfedxJWLKvnqYcONdECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 685161084029555978019549913300426902296594002992 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-15 10:37:44 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-15 10:37:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'République et Canton de Genève' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.app4.ge.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 686393752148485192311720146730292198888514596051763624810035479299342327941824055037883884957861177379957701523453513467848768746878908877158566669723179150614469821800862307776070232567619944900532631899699984751316695526582358727289246454420061535102338486867872407393230653530751277901687642821466630943824251985149224556894428583524244432233570208503519354847741223321436077710808584703926362727579591900355565653810589630881227111372759605065023355481907554811097487880135183629964043021448622812403317193574886581407793201922832883058387742575704163903826395399292554790126350789179967371232418398167623650392570876511593846309942639214698511184118019686096407050141630942449025977537638672498005874931187235818067828204631828235184594510156086508780751988771643819829357085001274273705896895481327285060357968802910447757043391703678238698860240797806046170411883563824251209076373541532600786202852048206533611039341437973859896258389418570765066901432033873788053495567953280351125843071306875280014440609376556968419442338793241392279807256521205226665694673010494261887136881683333054268538322491481351666179798695201167630352168852166267096537157141285377743246953770446719986673599532503656959405237394479386210717283793 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.app4.ge.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) aeb7810d906cfac3570a4bd10de13acac8c8d9a1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018d0cb2dd3b00000403004730450220434b7b12378eb00e984b9cd7b1c63f12f42f3c5da9688b3bdb6564004acf8c16022100afad70c9f8f466cef2b4e0f716e2eaace58cbec09ecdb55310fa178a7e75442c007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d0cb30322000004030047304502202b989497bb261ab95ce5129ae96f0965dcdd10a7b2f2dcfddb5aa07dc0cbb338022100ddda8a8c0076c77c040627141fc55b0d281deb0b04894b5682bb27e919febc44007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018d0cb30623000004030047304502201f3d2bc441e5c5f2499ee0beb3088249c7f28f534a3b61921959dd7ac13785d30221009c4694c0190418bbec070498881573f49bc54cf25062fb3dd1a61144938373260075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d0cb30913000004030046304402207687ea67e0e9ff7d276ce8c85be8785c86eabc6d9420c774f215dbeb0277915402205fdc4423daa11edd39cf3ceec1e5714dbffe24b5aee84a699adf2f83ece2abb5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00840202ce62c1bcafe35f346e41034e49297e75c208635e79cdf98f9af79667e3c9da29bfcdc3138ad4dde4b1b5a44f939096675d36db7b6fc0f4a66f9aa8b7a3308bded028ae2ab71b68f689d76b40fc0ce4a82106012e0af32c9b93e8e6aa676f28ca196e225b87d357dec6c6dc717e7da6945af94975805d560648b3f6de4ee1fb69dc190ea8e1357fc6efb8dc097770e53a73a935e44646de13d0cc475f454693bb0f76f51eba0532f27f949d06c02c3c587f50459ef39ad338a5d9f90d692acb7de906ea2210d29b1faf877c06c2105e7fc09c5040eaa9b6b4f985d5b220bbd52b259289478be74277ef1ded2de6c8db433323c34ece893ecb9cfb71432e79942f88feff95dabd0d50e657bd30e812b174008c6326c80ee63cf53ff648e2b0486691b384fa9da29c02aa4d7240379f33ba804b07b1a7fe32a5b631078937c12220e4fbdc9a107600ceca95c9817bb5f40b58557cbe2ddc05a2f7428c22a18b8927e658df2bfe254db23686a4d92da7a9f7555d6afb99eab8885887ef4564fec86fb8477c990455f5fe4cf9149c16c48f22c0b5061819e201f65a62c144f54d84ca80f7484a62c0c584c39630451413cad330c6f070e3d9096d7c7c9825704cfca5f0e85544e0b667312c44be572b45e8baff162544f9b8b0790284fc05204a3c393b64b5cc4ee652e09e4161400dae010a01579436d540129a4405bfd445