test2.empa.ch
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 1c:44:0e:a4:c7:7e:6f:eb:87:34:f7:5e:b1:1e:44:16:df:0b:43:e2 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=test2.empa.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 1c:44:0e:a4:c7:7e:6f:eb:87:34:f7:5e:b1:1e:44:16:df:0b:43:e2Serial Number (int): 161369467900051679302815869965280508270554596322
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: 16:36:c3:91:34:6c:8a:ca:29:68:83:b5:7f:0b:02:9f:0b:20:9c:2f
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): d9:48:43:d1:cb:74:70:d4:a1:75:c8:95:79:8a:0c:58:a7:18:17:a1
Fingerprint (sha256): 36:52:37:18:29:a9:32:a8:2c:c1:d5:41:35:54:3a:c6:df:d3:70:1c:b3:c2:c9:a3:67:0e:70:af:ae:f7:a6:0e
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate test2.empa.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for test2.empa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
test2.empa.ch
www.test2.empa.ch
www.test2.empa.ch
Other certificates including the domain name empa.ch
(limited to 100 certificates)
certest-win.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sbc.empa.ch
test.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
www.nest.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sbc.empa.ch
sip.empa.ch
test.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sbc.empa.ch
test.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
www.nest.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sbc.empa.ch
sip.empa.ch
test.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
Certificate
The complete raw certificate details for test2.empa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG6TCCBNGgAwIBAgIUHEQOpMd+b+uHNPdesR5EFt8LQ+IwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMDUyMzEx MTgwMVoXDTIzMDUyMzExMTgwMVowGDEWMBQGA1UEAxMNdGVzdDIuZW1wYS5jaDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMHNP4zr/Z8ea70+qONcO7lu d2PkwVLfsatbJl3xrQ+OQzcDqn+2IgTMgowFAPLef7a37ErnvzhprDw+6ighJYp5 HRuNdqKMwIGVaxZeKNlSbIeNZUNjXzDUmtfahwLZuVtde/NQoM108dasb6ZcFzlE WxD/lkVXV6WpFDuGg44HkbYr5gzr0GwbSfiOHqDQHrsyoJSyV8y8CsMSTWdbDUOm GTwzTZONb/x/w5l0QWP26uNgcVxhFCF5hOuqafLhh+kwqFBv3lzCVyQNyxHs3dUs tVddePwEM+XdlieHVCbaZ/nhXIzDkQ8Hc85WM0A12U0fSKbhtMmg5dd0Jy8WgokC AwEAAaOCAvEwggLtMCsGA1UdEQQkMCKCDXRlc3QyLmVtcGEuY2iCEXd3dy50ZXN0 Mi5lbXBhLmNoMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwHQYDVR0OBBYEFBY2w5E0bIrKKWiDtX8LAp8LIJwvMB8GA1UdIwQY MBaAFDyeUnkDY29PnIEb0yhwDCRa6qWHMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0 dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMy ODcwMEMyNDVBRUFBNTg3MIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lz c3NpZ24ubmV0L0NOPTNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFF QUE1ODclMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9u TGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MG8GA1Ud IARoMGYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0 b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMAgGBgQAj3oB BjAIBgZngQwBAgEwgcYGCCsGAQUFBwEBBIG5MIG2MGQGCCsGAQUFBzAChlhodHRw Oi8vc3dpc3NzaWduLm5ldC9jZ2ktYmluL2F1dGhvcml0eS9kb3dubG9hZC8zQzlF NTI3OTAzNjM2RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3ME4GCCsGAQUFBzAB hkJodHRwOi8vb2NzcC5zd2lzc3NpZ24ubmV0LzNDOUU1Mjc5MDM2MzZGNEY5Qzgx MUJEMzI4NzAwQzI0NUFFQUE1ODcwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZI hvcNAQELBQADggIBAI90BQ2BC13ctdu2CFj9vyLqy1K+bwZu5CA2W+QE5ld8Czva oY+GpF7sizAiE1WJCECes2N9fLTcKMf0XaJGd7E/kuBFnXMglBq65cNkDPL40YvY 03UPR/bY2lZzjieqHqHVw7xN3k4NGQkA9A4mhybHMxWM+KyPVNj9Q3qSkrj3J72S XTDjQs2gqVc9uRiB5hZk94GlbtoRRX4BZvsCu0pO5RsWO6ozD5ecWWiA22EwejMl zBN2W9Im31PRmGQ4IA8AFVS+Rzqsn7e1D4Q+If5Q+EyX7JF0UkboGCK0FRuxJOJ8 fASTQzFAYUnWqARtqEIoMlvO7cTtQwzgnNF0Ran2zwZZvJkLcrxR0L/GSWKGQuy+ 6NaFEwXyWoDFigQsiVXFPYVXd3ecFwqzJiQWBICE/xx7tXP1BGuQTJkO1cpqTcm2 bGVKWtckTFGROjd59BJDAD1B1UIlFBxXtRr+M7r3DFt592oujcZ5bm8ZHmlj8paX rR4npAOGdhOiyh2HRRxz4n765PpEaZy5OCI5zg+zpBk47uheEvuwhypMCbSAUv9W XYR6sZdL+Qi6crxI7zY7FEqHMCHVKDgAH05dwTlaleQVyw83y3VOpkUFLn/ROBpi obtWH7Pg3Q457xa0aFGjRwOPXOWcDkWyZF7TIw4ugciyPMdZynsctjFtAPwT -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc0/jOv9nx5rvT6o41w7 uW53Y+TBUt+xq1smXfGtD45DNwOqf7YiBMyCjAUA8t5/trfsSue/OGmsPD7qKCEl inkdG412oozAgZVrFl4o2VJsh41lQ2NfMNSa19qHAtm5W11781CgzXTx1qxvplwX OURbEP+WRVdXpakUO4aDjgeRtivmDOvQbBtJ+I4eoNAeuzKglLJXzLwKwxJNZ1sN Q6YZPDNNk41v/H/DmXRBY/bq42BxXGEUIXmE66pp8uGH6TCoUG/eXMJXJA3LEezd 1Sy1V114/AQz5d2WJ4dUJtpn+eFcjMORDwdzzlYzQDXZTR9IpuG0yaDl13QnLxaC iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 161369467900051679302815869965280508270554596322 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-05-23 11:18:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-23 11:18:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test2.empa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24465204539799720830150958796431451282701197941534730773292467477639597438584365702693345633045980932160956957329287524306983038316777671201803407396741922562357411084451994772608339263370873760547298586126915388664021613809976124401150407357658867061923327744829465880576179421420407991131607689557653700829687493711735699966670435976209108041233375341115497134488828069561590822316420004313926886044122690543866166305832691744112891763817462040183331583800882403284089450083937679397903018995082343055716313165668576156581139787885257333513086092073625673453843276333551891522415574989924712138029730667330283143817 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.empa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.test2.empa.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1636c391346c8aca296883b57f0b029f0b209c2f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 008f74050d810b5ddcb5dbb60858fdbf22eacb52be6f066ee420365be404e6577c0b3bdaa18f86a45eec8b302213558908409eb3637d7cb4dc28c7f45da24677b13f92e0459d7320941abae5c3640cf2f8d18bd8d3750f47f6d8da56738e27aa1ea1d5c3bc4dde4e0d190900f40e268726c733158cf8ac8f54d8fd437a9292b8f727bd925d30e342cda0a9573db91881e61664f781a56eda11457e0166fb02bb4a4ee51b163baa330f979c596880db61307a3325cc13765bd226df53d1986438200f001554be473aac9fb7b50f843e21fe50f84c97ec91745246e81822b4151bb124e27c7c04934331406149d6a8046da84228325bceedc4ed430ce09cd17445a9f6cf0659bc990b72bc51d0bfc649628642ecbee8d6851305f25a80c58a042c8955c53d855777779c170ab3262416048084ff1c7bb573f5046b904c990ed5ca6a4dc9b66c654a5ad7244c51913a3779f41243003d41d54225141c57b51afe33baf70c5b79f76a2e8dc6796e6f191e6963f29697ad1e27a403867613a2ca1d87451c73e27efae4fa44699cb9382239ce0fb3a41938eee85e12fbb0872a4c09b48052ff565d847ab1974bf908ba72bc48ef363b144a873021d52838001f4e5dc1395a95e415cb0f37cb754ea645052e7fd1381a62a1bb561fb3e0dd0e39ef16b46851a347038f5ce59c0e45b2645ed3230e2e81c8b23cc759ca7b1cb6316d00fc13