testgold.snb.ch
- Swiss National Bank -
Issued by SwissSign RSA TLS OV ICA 2021 - 1
About this certificate
This digital certificate with serial number 2d:b5:bc:d1:27:4e:e6:fd:9e:89:cf:de:f1:71:31:78:73:a4:79:14 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Swiss National Bank
Organization:
Swiss National Bank
State / Province:
ZH
Locality: Zurich
Country: CH
Locality: Zurich
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 2d:b5:bc:d1:27:4e:e6:fd:9e:89:cf:de:f1:71:31:78:73:a4:79:14Serial Number (int): 260957467849026254820194496269503285124986599700
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 69:70:e9:f5:a8:92:08:a8:54:aa:c2:f8:79:fc:01:a7:41:26:32:ce
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d
Fingerprint (sha1): e0:80:95:9f:b7:91:45:9c:20:75:cf:2d:a6:32:48:58:78:dc:fe:dd
Fingerprint (sha256): 36:17:0a:f8:24:ad:1a:e5:40:02:be:29:3e:0e:6a:05:f4:29:31:b2:cf:29:b1:2b:f1:c1:8f:c8:bb:66:98:12
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D
Revocation information
OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3DCRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate testgold.snb.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for testgold.snb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
testgold.snb.ch
www.testgold.snb.ch
www.testgold.snb.ch
Other certificates including the domain name snb.ch
(limited to 100 certificates)
remotemail.snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
Certificate
The complete raw certificate details for testgold.snb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHODCCBSCgAwIBAgIULbW80SdO5v2eic/e8XExeHOkeRQwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDMwMjA5 MzMyN1oXDTIzMDMwMjA5MzMyN1owYzELMAkGA1UEBhMCQ0gxCzAJBgNVBAgTAlpI MQ8wDQYDVQQHEwZadXJpY2gxHDAaBgNVBAoTE1N3aXNzIE5hdGlvbmFsIEJhbmsx GDAWBgNVBAMTD3Rlc3Rnb2xkLnNuYi5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAJV176uHyVkqXtn9Ap8t2MKClhPjwYca1k9nmjgNl3LYrnEr0vTT Szq57blSyUym2AKzpn8OYbrs5FH2hMXQGdHAosgfIQQIY0T9ph0hQxqWudWvy0cv mw3kYXi9SVeRPmoPcL0NRrk8ryX4iDnDgs7qr0uj6ehcpX9UjVxzud64gzCkf7rU 75Mz/Qn9ZhQejc2nTSEWlJn50jX9R4l05SGm/LH09qsh8PYvGYIwID2u8+lWqDLn uSFAV6G2/iFJhlVjuhwaZwlJ40Ub0IOyYJqNGXDAS0W6+HOKBbovM+0VXcHXj/sp XT4XGbHq2TBEXQEF/9JJudCSpo8zFKRRe+cCAwEAAaOCAvUwggLxMC8GA1UdEQQo MCaCD3Rlc3Rnb2xkLnNuYi5jaIITd3d3LnRlc3Rnb2xkLnNuYi5jaDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW BBRpcOn1qJIIqFSqwvh5/AGnQSYyzjAfBgNVHSMEGDAWgBSs0DrCwldVkWkRzHBq WTiKjKycPTCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2ln bi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDCB qKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9DTj1BQ0Qw M0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNEJTJDTz1Td2lzc1Np Z24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RD bGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBvBgNVHSAEaDBmMFAGCGCFdAFZAgEC MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjAIBgYEAI96AQcwCAYGZ4EMAQICMIHGBggr BgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQv Y2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvQUNEMDNBQzJDMjU3NTU5MTY5MTFD QzcwNkE1OTM4OEE4Q0FDOUMzRDBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dp c3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5 QzNEMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQBHaR5y YwkBoeDoxHIHt9QN7iUnpHO04wnGDBzDE5P/he2+9zOGErpA71/Y5NiQy7AsTL7B rqWWwb0Bvsz6PCJ1uDAGR3OmhpUqnwEEhJeZDP4TjxusU7G9jd7lAfHyuikkM0bv eWeN7stO3RHOF2rlN4/UrhC1lB60FgvzXC9iqbXzQkMkzvYAUZ2heyq6Dcso94jG 8lsWLomnzvQrK4yncxwHOK9WpFFZj11GppbYK4Zgyyt0OT57EH2yIjHEYIu14PnQ 7PsV4R8xP49EeEljnXOJR2y2ocwPXVA99eXUMBmOoTOxN70XSWtHdktcArBa8vSH BT4hmZSgqPYbhtd/YyODUsbqa6T0NSxF+WXiendXgP5igEotA8yHYLLia7Vii0YI 7z4/kkupKXSozTcsvnoD6cn6PnKR9P6ZNkuRa/+6hDVVV+nzWue37iipJ2cChdyp ReN63u+YsLh9lFzZ9W0eDE5xgKAFD/UYdrQsX6Bwm526FQBnO8pwXe61fExo6vgQ XoplrL81OtbqHsb9U9nvdiGFTMvuaLl+D4RmoKKG1YLOFDcPw9oZrSntC62oa6ga gOOJA+wMFNAgEHBE2/kOyFgNLcXRKOANehY8wgoUDXdkUb3ABqrC3unuY5Nblg5v Pl/mxi3Sf6/iDSs7G2Ay+M44D6XaO8Z+5/elvg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXXvq4fJWSpe2f0Cny3Y woKWE+PBhxrWT2eaOA2XctiucSvS9NNLOrntuVLJTKbYArOmfw5huuzkUfaExdAZ 0cCiyB8hBAhjRP2mHSFDGpa51a/LRy+bDeRheL1JV5E+ag9wvQ1GuTyvJfiIOcOC zuqvS6Pp6Fylf1SNXHO53riDMKR/utTvkzP9Cf1mFB6NzadNIRaUmfnSNf1HiXTl Iab8sfT2qyHw9i8ZgjAgPa7z6VaoMue5IUBXobb+IUmGVWO6HBpnCUnjRRvQg7Jg mo0ZcMBLRbr4c4oFui8z7RVdwdeP+yldPhcZserZMERdAQX/0km50JKmjzMUpFF7 5wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 260957467849026254820194496269503285124986599700 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-02 09:33:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-02 09:33:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zurich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Swiss National Bank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'testgold.snb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18867663953157318522898397136110642493215676978842657282384560568945156431182588460166503591749180824372621572581814742975629807739592195015297929469289589993043540912246910983550716141299214742259941238418368914222324780515244592992010008487953801981315032483236585311270327155151268541516683631767582534759985254090202390758052330218503535975117949811718565845191659509617608562180876094008392808699081061003984306928380207627963930728884991576540995793642701188398953608481208783277934626357404912418636312563526606532938925521584373900443512477672509872515271264145540795696936088589468582634606204082877184965607 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testgold.snb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testgold.snb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6970e9f5a89208a854aac2f879fc01a7412632ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0047691e72630901a1e0e8c47207b7d40dee2527a473b4e309c60c1cc31393ff85edbef7338612ba40ef5fd8e4d890cbb02c4cbec1aea596c1bd01beccfa3c2275b830064773a686952a9f01048497990cfe138f1bac53b1bd8ddee501f1f2ba29243346ef79678deecb4edd11ce176ae5378fd4ae10b5941eb4160bf35c2f62a9b5f3424324cef600519da17b2aba0dcb28f788c6f25b162e89a7cef42b2b8ca7731c0738af56a451598f5d46a696d82b8660cb2b74393e7b107db22231c4608bb5e0f9d0ecfb15e11f313f8f447849639d7389476cb6a1cc0f5d503df5e5d430198ea133b137bd17496b47764b5c02b05af2f487053e219994a0a8f61b86d77f63238352c6ea6ba4f4352c45f965e27a775780fe62804a2d03cc8760b2e26bb5628b4608ef3e3f924ba92974a8cd372cbe7a03e9c9fa3e7291f4fe99364b916bffba84355557e9f35ae7b7ee28a927670285dca945e37adeef98b0b87d945cd9f56d1e0c4e7180a0050ff51876b42c5fa0709b9dba1500673bca705deeb57c4c68eaf8105e8a65acbf353ad6ea1ec6fd53d9ef7621854ccbee68b97e0f8466a0a286d582ce14370fc3da19ad29ed0bada86ba81a80e38903ec0c14d020107044dbf90ec8580d2dc5d128e00d7a163cc20a140d776451bdc006aac2dee9ee63935b960e6f3e5fe6c62dd27fafe20d2b3b1b6032f8ce380fa5da3bc67ee7f7a5be