*.hesge.ch
- HES-SO Genève -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 6e:a9:76:0e:87:05:7d:f2:02:b9:f0:3c:e3:04:25:31:2e:05:c2:81 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
HES-SO Genève
Organization:
HES-SO Genève
State / Province:
GE
Locality: Carouge
Country: CH
Locality: Carouge
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 6e:a9:76:0e:87:05:7d:f2:02:b9:f0:3c:e3:04:25:31:2e:05:c2:81Serial Number (int): 631768094922341402969324010731560702977212007041
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: ee:82:e3:0d:68:97:57:69:67:62:24:28:d5:7e:55:7c:d1:45:5d:e1
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): a5:e2:e5:a2:5b:d2:52:62:0f:b3:57:0a:f0:e7:a8:1c:ef:a4:73:61
Fingerprint (sha256): 34:99:be:51:e1:9c:84:0d:3e:40:ce:07:10:a9:5f:29:00:7e:5b:32:af:3e:b6:83:c6:68:bd:4b:67:05:59:b7
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate *.hesge.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.hesge.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.hesge.ch
hesge.ch
hesge.ch
Other certificates including the domain name hesge.ch
(limited to 100 certificates)
heds.prod.hesge.ch
goldorak.hesge.ch
*.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
mail.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
goldorak.hesge.ch
hepiacloud.hesge.ch
m.hesge.ch
*.hesge.ch
idp.hesge.ch
hepiacloud.hesge.ch
idp.hesge.ch
mail.ge.ch
*.hesge.ch
hepiacloud.hesge.ch
vdi.hesge.ch
hepiacloud.hesge.ch
hepiacloud.hesge.ch
candy.hesge.ch
*.hesge.ch
idp.hesge.ch
goldorak.hesge.ch
m.hesge.ch
hepiacloud.hesge.ch
vpn.hesge.ch
*.hesge.ch
mail.ge.ch
m.hesge.ch
idp.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
*.hesge.ch
m.hesge.ch
*.hesge.ch
vdi.hesge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
mpp.hesge.ch
m.hesge.ch
goldorak.hesge.ch
head-mdm.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
goldorak.hesge.ch
*.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
mail.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
goldorak.hesge.ch
hepiacloud.hesge.ch
m.hesge.ch
*.hesge.ch
idp.hesge.ch
hepiacloud.hesge.ch
idp.hesge.ch
mail.ge.ch
*.hesge.ch
hepiacloud.hesge.ch
vdi.hesge.ch
hepiacloud.hesge.ch
hepiacloud.hesge.ch
candy.hesge.ch
*.hesge.ch
idp.hesge.ch
goldorak.hesge.ch
m.hesge.ch
hepiacloud.hesge.ch
vpn.hesge.ch
*.hesge.ch
mail.ge.ch
m.hesge.ch
idp.hesge.ch
*.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
*.hesge.ch
m.hesge.ch
*.hesge.ch
vdi.hesge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
mpp.hesge.ch
m.hesge.ch
goldorak.hesge.ch
head-mdm.hesge.ch
hepiacloud.hesge.ch
*.hesge.ch
Certificate
The complete raw certificate details for *.hesge.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXDCCBESgAwIBAgIUbql2DocFffICufA84wQlMS4FwoEwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDQyNjEy MzAyMVoXDTI1MDQyNjEyMzAyMVowWjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkdF MRAwDgYDVQQHDAdDYXJvdWdlMRcwFQYDVQQKDA5IRVMtU08gR2Vuw6h2ZTETMBEG A1UEAwwKKi5oZXNnZS5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMLt1+bVeBVvA+XE+7t88yN45QaKFhcC43XrT3UoSekOSvsnr4qJ3vZ8mECCwU3Q OOMKqrZO2u3TaawJ74b1hvIPQhTFV97DK9jlOe/l8fMvTVdNynBBLjOBmK1n3HvY 6onv2WG90ZtJUwLfjwWYCoLyxzFw+8HsQpXmvePEfaxhfJrZbx6gh27U4JV4Cko2 OCiPCwi60GmOeiqDSqUodpyuFBqbyL8A5b2mxHj9WFEvGPCjl0sCgCKrZrbrIwKv xWYVR8Yj6FiSprGJ3VE0NJnNf5uH8VYsnGF9CmEE3yYvEN1wumiYbKab2rTHkUwh Zb1d31TeskZthCs/QmqAR5kCAwEAAaOCAiIwggIeMIGyBggrBgEFBQcBAQSBpTCB ojBMBggrBgEFBQcwAoZAaHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTBmMmJm OWE1LWRkMzctNDhjOS1hODViLTEyYWNkY2I4YmU0NTBSBggrBgEFBQcwAYZGaHR0 cDovL29jc3Auc3dpc3NzaWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2 OS05YjFiLWZkMjlhYjczZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECAjAIBgYEAI96 AQcwUAYIYIV0AVkCAQIwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5 LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgw RqBEoEKGQGh0dHA6Ly9jcmwuc3dpc3NzaWduLmNoL2NkcC05NmI2MmY1YS02Yjcz LTRkYTQtODdmNy1jZTQwMDJjMWNkMzQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAfBgNVHREEGDAWggoqLmhlc2dlLmNoggho ZXNnZS5jaDAdBgNVHQ4EFgQU7oLjDWiXV2lnYiQo1X5VfNFFXeEwHwYDVR0jBBgw FoAUfG8KbxMP2YwkbyY081xrQ223I7YwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ KoZIhvcNAQELBQADggIBADgbtrjkPsl1dy/0I51FsEnhcVOB2/io224QGqLUU0d8 hGKNmQrwsf5K3z5Gk1GIPbbHiJ1ocZXtNXp1U31ZiIv+WUqwbT8nsley3NHcHuMA RSYcg/4ddkxBWxlftDS64cwGe13fFsBdm9r1FpFysfvpK171kBswYVft3CSEMGd1 n3P98uVbaN1qP5XanxDYmw4HRGi93ZIy3eIMasOUZw/qZu9DGDbD1ZvNZPPeSqH8 WppnMyx+XtbSKnFOfesYD4+s9B3jpqC62EnXWYYdiwN+sIysjLmoLWdNclaxDVQN WKWhfGmMWbZ/m4KsFKI4Yo8mwpPmpA2xypIQyo1dP5152Z78hHh0ZKqwTBvdo10X 6FVySc3optMK6VvZ2XOoom/r0kP1oztOdoKnxZ7wEAjjNUGwRwqhDp6iSixFbu4N tx8sMuAfsKgT8E9otsP7uF3fmmyf5oMqe/TLIJFvkKZBPUWnPggxGifvQjg1uBZv tzGpP9zjD0fj+plo5J2fPzuZDSXewYy93JXGx+Uu0y7K8UiGqa0uiHXXXnjjVLtX fcgJWXj5ELhXdb8+5OoAlEhsP8gi+TQCm3R4m4z0zGDvuFNtH0D7ypFnNAnTC1sa oU+gWRC9NlyMcaN4X1v9Ipns5GNYq5wb0l5mqD+IBEjaWcNEvklD9imm/8oCUTRR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu3X5tV4FW8D5cT7u3zz I3jlBooWFwLjdetPdShJ6Q5K+yevione9nyYQILBTdA44wqqtk7a7dNprAnvhvWG 8g9CFMVX3sMr2OU57+Xx8y9NV03KcEEuM4GYrWfce9jqie/ZYb3Rm0lTAt+PBZgK gvLHMXD7wexClea948R9rGF8mtlvHqCHbtTglXgKSjY4KI8LCLrQaY56KoNKpSh2 nK4UGpvIvwDlvabEeP1YUS8Y8KOXSwKAIqtmtusjAq/FZhVHxiPoWJKmsYndUTQ0 mc1/m4fxViycYX0KYQTfJi8Q3XC6aJhsppvatMeRTCFlvV3fVN6yRm2EKz9CaoBH mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 631768094922341402969324010731560702977212007041 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 12:30:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-26 12:30:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Carouge' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'HES-SO Genève' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.hesge.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24607516098457013758073239675424168984534060771938842227615391446764171862281031079617969406551191563713582803815478709225439562021299122114374923499404141813951883812317932063047829398841961576824090657762828596724278613137079501407107405410365197329085221333253941086506670031490832729315695648648824746396338796737248948324706786364506236626167355693443926157259943245021389027466806926060143326360733973250119101355413574281039912802253945521332372927547797476628760553836654606080133152850380201275661231852116365705439019305857807017914001061225450501425757269751023607749646945950535447217394726638375267223449 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hesge.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hesge.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ee82e30d6897576967622428d57e557cd1455de1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00381bb6b8e43ec975772ff4239d45b049e1715381dbf8a8db6e101aa2d453477c84628d990af0b1fe4adf3e469351883db6c7889d687195ed357a75537d59888bfe594ab06d3f27b257b2dcd1dc1ee30045261c83fe1d764c415b195fb434bae1cc067b5ddf16c05d9bdaf5169172b1fbe92b5ef5901b306157eddc24843067759f73fdf2e55b68dd6a3f95da9f10d89b0e074468bddd9232dde20c6ac394670fea66ef431836c3d59bcd64f3de4aa1fc5a9a67332c7e5ed6d22a714e7deb180f8facf41de3a6a0bad849d759861d8b037eb08cac8cb9a82d674d7256b10d540d58a5a17c698c59b67f9b82ac14a238628f26c293e6a40db1ca9210ca8d5d3f9d79d99efc84787464aab04c1bdda35d17e8557249cde8a6d30ae95bd9d973a8a26febd243f5a33b4e7682a7c59ef01008e33541b0470aa10e9ea24a2c456eee0db71f2c32e01fb0a813f04f68b6c3fbb85ddf9a6c9fe6832a7bf4cb20916f90a6413d45a73e08311a27ef423835b8166fb731a93fdce30f47e3fa9968e49d9f3f3b990d25dec18cbddc95c6c7e52ed32ecaf14886a9ad2e8875d75e78e354bb577dc8095978f910b85775bf3ee4ea0094486c3fc822f934029b74789b8cf4cc60efb8536d1f40fbca91673409d30b5b1aa14fa05910bd365c8c71a3785f5bfd2299ece46358ab9c1bd25e66a83f880448da59c344be4943f629a6ffca02513451