remote.eu.kaufland.com

- Kaufland Stiftung & Co. KG -

Issued by SwissSign RSA TLS EV ICA 2022 - 1

About this certificate

This digital certificate with serial number 46:71:d7:e2:33:0d:37:8c:4a:a0:9e:e6:09:73:81:6d:c9:d1:ae:3f was issued on by SwissSign AG.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Kaufland Stiftung & Co. KG

Company registration number: HRA 102851
Organization: Kaufland Stiftung & Co. KG
Address: Rötelstrasse 35
Postal code: 74172
State / Province: BW
Locality: Neckarsulm
Country: DE

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 46:71:d7:e2:33:0d:37:8c:4a:a0:9e:e6:09:73:81:6d:c9:d1:ae:3f
Serial Number (int): 402168144278252233988194058823122200248798260799
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 1b:40:fe:b7:e0:c4:45:5e:52:fa:a8:3d:8a:c1:a7:24:3b:3d:67:2f
AuthorityKeyId: 49:52:df:30:86:92:59:5f:34:9c:25:48:24:ab:c0:eb:d1:06:f2:d6

Fingerprint (sha1): 42:7d:83:86:d3:34:70:9b:d4:e4:73:c0:03:ec:2a:a5:b9:44:ab:11
Fingerprint (sha256): 33:46:a4:5e:a9:24:48:6c:38:41:28:93:fb:e7:69:6f:e9:19:13:37:54:2b:d9:a3:d0:db:72:2d:99:dc:6c:f3

Issuing Certificate URL: http://aia.swisssign.ch/air-20350159-813d-4532-b988-8519eca57650

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-9fdd910e-b9ff-4b2f-be38-2e93708c1b36

Check the revocation status for certificate remote.eu.kaufland.com

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for remote.eu.kaufland.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

remote.eu.kaufland.com
portal.eu.kaufland.net
gapa.eu.kaufland.net
mobile.eu.kaufland.net
app02.eu.kaufland.net
conference.eu.kaufland.net
app01.eu.kaufland.net
app04.eu.kaufland.net
mob.eu.kaufland.net
remote.eu.kaufland.net
www.remote.eu.kaufland.com
app05.eu.kaufland.net
app03.eu.kaufland.net

Other certificates including the domain name kaufland.com

(limited to 100 certificates)
iqpim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
media.kaufland.com
p22-ssl-client-fi-hcm.kaufland.com
ssl2.ipaper.io
mobsot02.kaufland.com
ssl.ipaper.io
pim.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
at2-ssl-client-fi-hcm.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
portal.eu.kaufland.com
qs2-ssl-client-fi-hcm.kaufland.com
iapim.kaufland.com
kaufland-blumen.de
asset.kaufland.com
*.ipaper.io
ssl.ipaper.io
ssl.ipaper.io
remote.au.kaufland.com
www-pc.kaufland.com
ssl3.ipaper.io
ssl2.ipaper.io
ssl2.ipaper.io
*.ipaper.io
media-q.kaufland.com
media.kaufland.com
se1-ucexe-p011.uc.schwarz
ssl.ipaper.io
ssl3.ipaper.io
ssl2.ipaper.io
*.ipaper.io
test-hr-portal.kaufland.com
portal.eu.kaufland.com
www-ac.kaufland.com
giftcard-q.kaufland.com
portal.eu.kaufland.com
se1-ucexe-p014.uc.schwarz
ssl2.ipaper.io
www-q.kaufland.com
connect-app.kaufland.com
ssl.ipaper.io
media.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
ssl2.ipaper.io
ssl.ipaper.io
*.leaflets.kaufland.com
media.kaufland.com
iqpim.kaufland.com
assets.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
*.ipaper.io
filex-test.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
jobs.kaufland.com
secmail.kaufland.com
account.kaufland.com
ssl2.ipaper.io
ssl.ipaper.io
*.ipaper.io
webassets.kaufland.com
account.kaufland.com
www-ec.kaufland.com
asset.kaufland.com
*.leaflets.kaufland.com
account-qs.kaufland.com
*.kaufland.com
www-fc.kaufland.com
kauf.land
*.ipaper.io
www-p.kaufland.com
kaufland.com
*.ipaper.io
ssl2.ipaper.io
dam.kaufland.com
se1-ucexe-p013.uc.schwarz
remote.cz.kaufland.com
www-q.kaufland.com
www-ac.kaufland.com
*.ipaper.io
mobsot.kaufland.com
*.ipaper.io
ssl.ipaper.io
eu.limo.remote.schwarz
jobs.kaufland.com
doa.kaufland.com
ssl.ipaper.io
ssl.ipaper.io
www-q.kaufland.com
remote.eu.kaufland.com
ssl.ipaper.io
www-qc.kaufland.com
www-pc.kaufland.com

Certificate

The complete raw certificate details for remote.eu.kaufland.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJvzCCB6egAwIBAgIURnHX4jMNN4xKoJ7mCXOBbcnRrj8wDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgRVYgSUNBIDIwMjIgLSAxMB4XDTI0MDExNjA4
MTk0NFoXDTI1MDExNjA4MTk0NFowggEqMRMwEQYLKwYBBAGCNzwCAQMTAkRFMSMw
IQYLKwYBBAGCNzwCAQIMEkJhZGVuLVfDvHJ0dGVtYmVyZzEaMBgGCysGAQQBgjc8
AgEBDAlTdHV0dGdhcnQxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMQsw
CQYDVQQGEwJERTELMAkGA1UECAwCQlcxEzARBgNVBAcMCk5lY2thcnN1bG0xDjAM
BgNVBBETBTc0MTcyMRkwFwYDVQQJDBBSw7Z0ZWxzdHJhc3NlIDM1MSMwIQYDVQQK
DBpLYXVmbGFuZCBTdGlmdHVuZyAmIENvLiBLRzETMBEGA1UEBRMKSFJBIDEwMjg1
MTEfMB0GA1UEAxMWcmVtb3RlLmV1LmthdWZsYW5kLmNvbTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAIofCx1Dvd6gU8Ra4JPSCw5pz2LaMChampw/qfAc
z5DcXFcuPukyBJxsDwc1t54VaH3FMgLP1pYeNw1m4r3EPZ5dNr3Zx3epkkQhVLTR
2Bp5v2YU24Bt4YsNY/s1/WQESqhmsnTMJnbT+Nc5cFsv5ia01z7ZyvBpjT98ey0w
rCVTF1uXBXBLFnJafSYqIhue5uKC40q4bpm20j99UjdWS7gB7rhtzmTOnRnNDVl4
gd8gaNgpFrSSPlcIbwWskY2mu+oVfp+2aqeoEqxCDcW7I8+j7wmqoabbXf/QdLmy
FBg2hholV5qSI9PE5/SGokPqK4JBwgvxX4YYF/vsTsZBjd8CAwEAAaOCBLMwggSv
MIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDovL2FpYS5zd2lz
c3NpZ24uY2gvYWlyLTIwMzUwMTU5LTgxM2QtNDUzMi1iOTg4LTg1MTllY2E1NzY1
MDBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNoL3NpZ24vb2Nz
LWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBuBgNVHSAEZzBl
MAcGBWeBDAEBMAgGBgQAj3oBBDBQBghghXQBWQIBAzBEMEIGCCsGAQUFBwIBFjZo
dHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RM
Uy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gv
Y2RwLTlmZGQ5MTBlLWI5ZmYtNGIyZi1iZTM4LTJlOTM3MDhjMWIzNjAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMIIBQwYDVR0R
BIIBOjCCATaCFnJlbW90ZS5ldS5rYXVmbGFuZC5jb22CFnBvcnRhbC5ldS5rYXVm
bGFuZC5uZXSCFGdhcGEuZXUua2F1ZmxhbmQubmV0ghZtb2JpbGUuZXUua2F1Zmxh
bmQubmV0ghVhcHAwMi5ldS5rYXVmbGFuZC5uZXSCGmNvbmZlcmVuY2UuZXUua2F1
ZmxhbmQubmV0ghVhcHAwMS5ldS5rYXVmbGFuZC5uZXSCFWFwcDA0LmV1LmthdWZs
YW5kLm5ldIITbW9iLmV1LmthdWZsYW5kLm5ldIIWcmVtb3RlLmV1LmthdWZsYW5k
Lm5ldIIad3d3LnJlbW90ZS5ldS5rYXVmbGFuZC5jb22CFWFwcDA1LmV1LmthdWZs
YW5kLm5ldIIVYXBwMDMuZXUua2F1ZmxhbmQubmV0MB0GA1UdDgQWBBQbQP634MRF
XlL6qD2KwackOz1nLzAfBgNVHSMEGDAWgBRJUt8whpJZXzScJUgkq8Dr0Qby1jCC
AX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAzxFW7tUufK/zh1vZaS6b6RpxZ0qw
F+ysAdJbd87MOwgAAAGNEVsv0gAABAMARjBEAiAWwt+Co7W9+HuC0Qy2ssxdO+/U
kNp9seV6M7ouG5H5aQIgFNw1DBTzle9e7Jx9zqZCJp55MsgUI3GHs+0N5j3g9lUA
dQDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAY0RWzM4AAAEAwBG
MEQCIHflGpSDljSEoIgKqcKSDqHw1hMB/Bi2IzUyomGd0JQJAiBkOKOTee4vba03
i+RbZYnJfy6u9mdusspj4YY1z/JohgB3AE51oydcmhDDOFts1N8/Uusd8OCOG41p
wLH6ZLFimjnfAAABjRFbND0AAAQDAEgwRgIhAIvX20Js39M2UO3yaBAUo/krHJtp
wJDq6zqExj/z6vIOAiEA64xrbFm1iitsbXOfsm9qeZZgNm/i661AEzNr0rV0zrIw
DQYJKoZIhvcNAQELBQADggIBACwBdzb/3/JDW281aetye2vqaUyn7WCJgd6twEyo
+UEbPvDkD8Y4res2n+tjhqDYRWTJre6hjZHn1cUlbHKGUjCEtrvmqxiFdiOxVvwS
zE0R8yGBL+mejcxILt48XwFiCATD1Uuncx3lNyVsWyRLyebk4gfdh8SZJBaz5oqz
WcCFAWkwajdPpZ8clj/GBIsjzxAprFVI75DghzfPmg+CCgbpeJA21QKw6VF3ysNN
4+5g8RCqHnxq82MXtUZ/v+7bMJ5AoyixCzdwQ+rmCnQpQpKxxXw6OkWBeNFC6hbc
cYd88w02m8hjVn4JsG0WrqVHw/TuGTf2lfdlnFTxY34wYbaet7Ptxi2rWeWk2ai7
8vh+7YxPsKykJbp8Hnoq7tfpW3tTogXuvFDowXezT68vsJQPfLTE2Qk1WmyKFmgY
Wrv3gW9FuDkc6Pb04ahPsL3Nv0MhEPxWgk+cJkRr8aYDBmnsWOxex8GB2EFcWofl
He4a75pMrzkphmSzF+eQB4xW9s2uTT4r+9/fV7mshiA/jeNwq6wIAznSYz943YMy
C58P8iNAKhPH1UdG4m4Dqrr30fclb/jnsarElnFvu/2xJ3EcJxGQWpJ5w79jj2Sc
IkhiH1WNpQXwG1SD0sh8Xr9/dZV8JcFm6pGDYkYt7VblAKI7rEA5vgqY3MtidWmT
RBho
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih8LHUO93qBTxFrgk9IL
DmnPYtowKFqanD+p8BzPkNxcVy4+6TIEnGwPBzW3nhVofcUyAs/Wlh43DWbivcQ9
nl02vdnHd6mSRCFUtNHYGnm/ZhTbgG3hiw1j+zX9ZARKqGaydMwmdtP41zlwWy/m
JrTXPtnK8GmNP3x7LTCsJVMXW5cFcEsWclp9JioiG57m4oLjSrhumbbSP31SN1ZL
uAHuuG3OZM6dGc0NWXiB3yBo2CkWtJI+VwhvBayRjaa76hV+n7Zqp6gSrEINxbsj
z6PvCaqhpttd/9B0ubIUGDaGGiVXmpIj08Tn9IaiQ+orgkHCC/FfhhgX++xOxkGN
3wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 402168144278252233988194058823122200248798260799
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS EV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-16 08:19:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-16 08:19:44 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baden-Württemberg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.1 (jurisdictionOfIncorporationL)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Stuttgart'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BW'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Neckarsulm'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '74172'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rötelstrasse 35'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Kaufland Stiftung & Co. KG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRA 102851'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'remote.eu.kaufland.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17436194163936775161257751307114762828676136342716234415816585042006103687818256608846903633322201379265829449664879057587654888366158477165178603273871270072981138541467755180487329608899033965941711905408212177134946832807908584400476058312598092479017134723940861089326383626358498096143147137172348191809618928112672777243421950496960706575308731955067929998139857394731209275677315786336689632125745777524708604441231901025140657343384251330090152907246255363194502656292828021547112151294152002342758383304740649749213003277510062048368338397939194162684598170449493663755432887121513793874630992828917509885407
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-20350159-813d-4532-b988-8519eca57650'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.3
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-9fdd910e-b9ff-4b2f-be38-2e93708c1b36'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (314 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'remote.eu.kaufland.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gapa.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app02.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'conference.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app01.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app04.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mob.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'remote.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.remote.eu.kaufland.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app05.eu.kaufland.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app03.eu.kaufland.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1b40feb7e0c4455e52faa83d8ac1a7243b3d672f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4952df308692595f349c254824abc0ebd106f2d6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d115b2fd20000040300463044022016c2df82a3b5bdf87b82d10cb6b2cc5d3befd490da7db1e57a33ba2e1b91f969022014dc350c14f395ef5eec9c7dcea642269e7932c814237187b3ed0de63de0f655007500ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018d115b33380000040300463044022077e51a9483963484a0880aa9c2920ea1f0d61301fc18b6233532a2619dd0940902206438a39379ee2f6dad378be45b6589c97f2eaef6676eb2ca63e18635cff268860077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d115b343d00000403004830460221008bd7db426cdfd33650edf2681014a3f92b1c9b69c090eaeb3a84c63ff3eaf20e022100eb8c6b6c59b58a2b6c6d739fb26f6a799660366fe2ebad4013336bd2b574ceb2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		002c017736ffdff2435b6f3569eb727b6bea694ca7ed608981deadc04ca8f9411b3ef0e40fc638adeb369feb6386a0d84564c9adeea18d91e7d5c5256c7286523084b6bbe6ab18857623b156fc12cc4d11f321812fe99e8dcc482ede3c5f01620804c3d54ba7731de537256c5b244bc9e6e4e207dd87c4992416b3e68ab359c0850169306a374fa59f1c963fc6048b23cf1029ac5548ef90e08737cf9a0f820a06e9789036d502b0e95177cac34de3ee60f110aa1e7c6af36317b5467fbfeedb309e40a328b10b377043eae60a74294292b1c57c3a3a458178d142ea16dc71877cf30d369bc863567e09b06d16aea547c3f4ee1937f695f7659c54f1637e3061b69eb7b3edc62dab59e5a4d9a8bbf2f87eed8c4fb0aca425ba7c1e7a2aeed7e95b7b53a205eebc50e8c177b34faf2fb0940f7cb4c4d909355a6c8a1668185abbf7816f45b8391ce8f6f4e1a84fb0bdcdbf432110fc56824f9c26446bf1a6030669ec58ec5ec7c181d8415c5a87e51dee1aef9a4caf39298664b317e790078c56f6cdae4d3e2bfbdfdf57b9ac86203f8de370abac080339d2633f78dd83320b9f0ff223402a13c7d54746e26e03aabaf7d1f7256ff8e7b1aac496716fbbfdb127711c2711905a9279c3bf638f649c2248621f558da505f01b5483d2c87c5ebf7f75957c25c166ea918362462ded56e500a23bac4039be0a98dccb62756993441868