stg-xapf.stgag.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 5f:e2:b2:8a:13:ab:9b:9b:19:df:2f:aa:6b:b5:6e:15:20:ec:3f:24 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=stg-xapf.stgag.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 5f:e2:b2:8a:13:ab:9b:9b:19:df:2f:aa:6b:b5:6e:15:20:ec:3f:24Serial Number (int): 547409644615141534790130351348013152762449379108
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 7c:b4:08:08:b2:67:c4:ab:bd:44:af:01:74:dc:e9:6a:c4:69:86:cb
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): ef:cd:9b:b7:58:99:48:18:b9:55:dc:cb:77:8e:7a:9f:cc:d7:3a:92
Fingerprint (sha256): 38:a7:1f:b7:7b:d5:ce:2b:e8:ea:29:e9:6e:06:de:4f:fe:dd:6d:f4:aa:a6:e4:df:0f:ea:f0:af:b8:3a:ed:2c
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate stg-xapf.stgag.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stg-xapf.stgag.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
stg-xapf.stgag.ch
stg-xapf-test.stgag.ch
stg-xapf-test.stgag.ch
Other certificates including the domain name stgag.ch
(limited to 100 certificates)
imito-test.stgag.ch
af.stgag.ch
www.stgag.ch
pol.swiss
pol.swiss
pol.swiss
rekrutierung.stgag.ch
pol.swiss
pol.swiss
stgag.ch
imito-test.stgag.ch
pol.swiss
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
pol.swiss
www.stgag.ch
mail.stgag.ch
pol.swiss
www.stgag.ch
stgag.ch
www.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
stg-xapf.stgag.ch
am.stgag.ch
nova-sc.stgag.ch
stgag.ch
*.stgag.ch
stgag.ch
stgag.ch
jobportal.stgag.ch
pol.swiss
www.stgag.ch
imito.stgag.ch
imito.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
pol.swiss
expe.stgag.ch
*.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
*.stgag.ch
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
imito-test.stgag.ch
imito.stgag.ch
pol.swiss
jobportal.stgag.ch
jobportal.stgag.ch
stg-xapf.stgag.ch
stgag.ch
pol.swiss
jobportal.stgag.ch
stg-xapf.stgag.ch
expe.stgag.ch
www.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
imito.stgag.ch
stg-wifi-gast.stgag.ch
*.stgag.ch
imito.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
pol.swiss
imito-test.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
nova-sc.stgag.ch
imito-test.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
rekrutierung.stgag.ch
imito.stgag.ch
pol.swiss
stg-wifi-gast.stgag.ch
stgag.ch
jobportal.stgag.ch
af.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
am.stgag.ch
stgag.ch
stg-xapf.stgag.ch
af.stgag.ch
www.stgag.ch
pol.swiss
pol.swiss
pol.swiss
rekrutierung.stgag.ch
pol.swiss
pol.swiss
stgag.ch
imito-test.stgag.ch
pol.swiss
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
pol.swiss
www.stgag.ch
mail.stgag.ch
pol.swiss
www.stgag.ch
stgag.ch
www.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
stg-xapf.stgag.ch
am.stgag.ch
nova-sc.stgag.ch
stgag.ch
*.stgag.ch
stgag.ch
stgag.ch
jobportal.stgag.ch
pol.swiss
www.stgag.ch
imito.stgag.ch
imito.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
pol.swiss
expe.stgag.ch
*.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
*.stgag.ch
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
imito-test.stgag.ch
imito.stgag.ch
pol.swiss
jobportal.stgag.ch
jobportal.stgag.ch
stg-xapf.stgag.ch
stgag.ch
pol.swiss
jobportal.stgag.ch
stg-xapf.stgag.ch
expe.stgag.ch
www.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
imito.stgag.ch
stg-wifi-gast.stgag.ch
*.stgag.ch
imito.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
pol.swiss
imito-test.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
nova-sc.stgag.ch
imito-test.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
rekrutierung.stgag.ch
imito.stgag.ch
pol.swiss
stg-wifi-gast.stgag.ch
stgag.ch
jobportal.stgag.ch
af.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
am.stgag.ch
stgag.ch
stg-xapf.stgag.ch
Certificate
The complete raw certificate details for stg-xapf.stgag.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIGTCCBgGgAwIBAgIUX+KyihOrm5sZ3y+qa7VuFSDsPyQwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDMyNjE0 NTcwMFoXDTI1MDMyNjE0NTcwMFowHDEaMBgGA1UEAxMRc3RnLXhhcGYuc3RnYWcu Y2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf6iVzPQpbDdiVIaB9 QGcbcopZr5xOjkVNaZWhN9LhkHDjb2+dm5OGiCmdzq5ccQTDykp83Bnr9bi7HtfT vhyt1LCYEmasF5tjTTJiuxR0qw0l1l7rXGAqIdd5FPzHRWRiCJ1pRjQe1P0C/sL9 tl+MP23be+RBzSCbARVVa6g+flA940qGbc+TbnqzQWv+ORzgxkpqdzYFYwOUQeov ygtFD+fCGC5ZDYm0erED7Okz+SxYnaKJhpngaSmh8Wk6WZkGJNpz37+k2yv3fdL8 TpZpRXKignotMTIc2EvtPxvKKt9CQxbXmhHUlOMOu0aUQPnKN5v8k/n8+NHCsr7r M4ppAgMBAAGjggQdMIIEGTCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKG QGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0xYjg2MzM4NS1mNGE5LTQ3ZmEt ODhhNS0yYTVhYmZkNGExNjcwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNz c2lnbi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3 M2VmZWMwbwYDVR0gBGgwZjAIBgZngQwBAgEwCAYGBACPegEGMFAGCGCFdAFZAgEB MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8v Y3JsLnN3aXNzc2lnbi5jaC9jZHAtNjc5NzIzYjItODY0MS00NjQyLTg1MDAtZjZk MmZmMzdlNmJhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B Af8EBAMCBaAwNAYDVR0RBC0wK4IRc3RnLXhhcGYuc3RnYWcuY2iCFnN0Zy14YXBm LXRlc3Quc3RnYWcuY2gwHQYDVR0OBBYEFHy0CAiyZ8SrvUSvAXTc6WrEaYbLMB8G A1UdIwQYMBaAFOu9f0mTjMnu7KK69xzSZ/CDsereMIIB9wYKKwYBBAHWeQIEAgSC AecEggHjAeEAdwAo4oE4/YMhRemp1qp1N22Dd6iFErPAf3JBSCHcvemMZgAAAY57 Q8ZpAAAEAwBIMEYCIQC1fhdGATyd6GBrOS2jQcape/DPdKdf8jbA9AEyAMR6OwIh ANx3F2zzFz0DEEMjPqRgmFdQByu79oxF3GAAfemdrcIzAHcAzxFW7tUufK/zh1vZ aS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOe0O/fAAABAMASDBGAiEAk40O39liq9Bc gI2aCTuAZlfzWZgtBffbrPuf/aMuRX0CIQCkkNK7DWlW06vRR0LvmnxHY5NaB+K+ EUC+FEMO6sSK6AB2AMz7D2qFcQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAAB jntDv+QAAAQDAEcwRQIgL5yAaiImqP6gRfyFsGm3n2LKcPo95DGVLXENEO10b3IC IQDaiWYmMy7UkD+LhtGEWdsLgIuQ7ynxl9RMV9wDlsUglAB1AE51oydcmhDDOFts 1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjntDwacAAAQDAEYwRAIgYTSA9pY57Lk9 LKFsXU03f47R87enw0PS7ac+vLqbb7gCICFBA+gcdqh9fLCzGgM2PRMg52nbhpri z1XSURchF/nNMA0GCSqGSIb3DQEBCwUAA4ICAQBK8Ti6Fhof8av6tMw7eYkuEKHT JuW5Eid5yYCRNTDCHlV1Z6xRwtJpYtPwQ2Y7320biNyyCNlh5kO8LJOIA+iyjUKY /ml+EWNMQPj+08O86zWtDZLshhUkiCJ9dHQT66li+J2pCutNuTbu82Ix9f6W77Yn eFBLnOaEdzGDBAJgZWp87kGselHSk7ohkvJtT0W5hSIb2y4b2lL/ZnTz9YUYbfyH F+71h5z5Ns1wai5DcqoD6PA124Gku5oTtaAzRB0lfUzhfHqIafshxskDJQUT+T4z 3pM7/92nlMYL4LyrlNom9TaFizW9HbXGsXKtwO1SUGda+pLj6GfNso9JJQCa7VNW NlZx53q92ce4aTnegtk0292KpOrCOK+ipcunF9jvLbbflDEJTvUJDKC0g+RFW0LF QaKT2i0fe5Ai2AKLtrNgabnYPw6/QdMO7vdz8Vco4DZu3C2uilMleoS8UYXnVE2O AaOKmvzgpZ/qi5OxFYF6DJiy2usANoyaxqdhdAGNoe/YudYH2X4+gOaNZdoSLY3Z /j1eTUTM3gVlW3IYVyEJ9TQN6ltxp9nX+wqlCSDeYgadIDQpgA7awxwdSLyTLwlC 7QQ71IWBM++4IOTXWksoU3PsgABTEdXamP8Ls19CYZsahNlvg75I2BQ2+6abx9qq a9WkCOeFZ2LDAluXHQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+olcz0KWw3YlSGgfUBn G3KKWa+cTo5FTWmVoTfS4ZBw429vnZuThogpnc6uXHEEw8pKfNwZ6/W4ux7X074c rdSwmBJmrBebY00yYrsUdKsNJdZe61xgKiHXeRT8x0VkYgidaUY0HtT9Av7C/bZf jD9t23vkQc0gmwEVVWuoPn5QPeNKhm3Pk256s0Fr/jkc4MZKanc2BWMDlEHqL8oL RQ/nwhguWQ2JtHqxA+zpM/ksWJ2iiYaZ4GkpofFpOlmZBiTac9+/pNsr933S/E6W aUVyooJ6LTEyHNhL7T8byirfQkMW15oR1JTjDrtGlED5yjeb/JP5/PjRwrK+6zOK aQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 547409644615141534790130351348013152762449379108 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-26 14:57:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-26 14:57:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stg-xapf.stgag.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28266603846178675041086264563298338311060435320930129032843034648994468419047435972049095573440603891100454940269120545040364534105581350073431081162709186965023407134757692563680521287553949771734539855375285130592858135662973096469471695608799813137234133462036911549897537178310638278352486625360893797198724624597744964853321777104131925105337261958388399323222928757241476484615319190383318441653271006540953263710709599221804043333397430177790520827098609431759260916896388802466184632995556713582601968325643229848808713045144837785184670868143932585222018867392084353561792679317271192883831550616499895110249 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-xapf.stgag.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-xapf-test.stgag.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7cb40808b267c4abbd44af0174dce96ac46986cb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e100770028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018e7b43c6690000040300483046022100b57e1746013c9de8606b392da341c6a97bf0cf74a75ff236c0f4013200c47a3b022100dc77176cf3173d031043233ea460985750072bbbf68c45dc60007de99dadc233007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e7b43bf7c0000040300483046022100938d0edfd962abd05c808d9a093b806657f359982d05f7dbacfb9ffda32e457d022100a490d2bb0d6956d3abd14742ef9a7c4763935a07e2be1140be14430eeac48ae8007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018e7b43bfe4000004030047304502202f9c806a2226a8fea045fc85b069b79f62ca70fa3de431952d710d10ed746f72022100da896626332ed4903f8b86d18459db0b808b90ef29f197d44c57dc0396c520940075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e7b43c1a700000403004630440220613480f69639ecb93d2ca16c5d4d377f8ed1f3b7a7c343d2eda73ebcba9b6fb80220214103e81c76a87d7cb0b31a03363d1320e769db869ae2cf55d251172117f9cd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 004af138ba161a1ff1abfab4cc3b79892e10a1d326e5b9122779c980913530c21e557567ac51c2d26962d3f043663bdf6d1b88dcb208d961e643bc2c938803e8b28d4298fe697e11634c40f8fed3c3bceb35ad0d92ec86152488227d747413eba962f89da90aeb4db936eef36231f5fe96efb62778504b9ce684773183040260656a7cee41ac7a51d293ba2192f26d4f45b985221bdb2e1bda52ff6674f3f585186dfc8717eef5879cf936cd706a2e4372aa03e8f035db81a4bb9a13b5a033441d257d4ce17c7a8869fb21c6c903250513f93e33de933bffdda794c60be0bcab94da26f536858b35bd1db5c6b172adc0ed5250675afa92e3e867cdb28f4925009aed5356365671e77abdd9c7b86939de82d934dbdd8aa4eac238afa2a5cba717d8ef2db6df9431094ef5090ca0b483e4455b42c541a293da2d1f7b9022d8028bb6b36069b9d83f0ebf41d30eeef773f15728e0366edc2dae8a53257a84bc5185e7544d8e01a38a9afce0a59fea8b93b115817a0c98b2daeb00368c9ac6a76174018da1efd8b9d607d97e3e80e68d65da122d8dd9fe3d5e4d44ccde05655b7218572109f5340dea5b71a7d9d7fb0aa50920de62069d203429800edac31c1d48bc932f0942ed043bd4858133efb820e4d75a4b285373ec80005311d5da98ff0bb35f42619b1a84d96f83be48d81436fba69bc7daaa6bd5a408e7856762c3025b971d