nova-sc.stgag.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 7f:46:3e:18:b1:26:3a:3f:3b:ba:49:c0:f8:6f:d8:26:4a:ae:4d:84 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=nova-sc.stgag.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 7f:46:3e:18:b1:26:3a:3f:3b:ba:49:c0:f8:6f:d8:26:4a:ae:4d:84Serial Number (int): 726608289422501182359502493785922072259704278404
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 91:57:14:34:e5:3a:17:94:1d:a4:ea:78:dc:a9:5e:62:f9:fd:88:ad
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 61:d4:84:a4:f7:ee:0b:4e:44:87:94:10:93:4d:4c:d0:c7:be:19:23
Fingerprint (sha256): 3d:0d:39:09:e2:f4:d2:60:e0:6d:e8:0a:0f:72:6a:b4:26:be:15:11:37:61:3a:3e:38:c8:67:57:b1:51:b4:a4
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate nova-sc.stgag.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nova-sc.stgag.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nova-sc.stgag.ch
Other certificates including the domain name stgag.ch
(limited to 100 certificates)
imito-test.stgag.ch
af.stgag.ch
www.stgag.ch
pol.swiss
pol.swiss
pol.swiss
rekrutierung.stgag.ch
pol.swiss
pol.swiss
stgag.ch
imito-test.stgag.ch
pol.swiss
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
pol.swiss
www.stgag.ch
mail.stgag.ch
pol.swiss
www.stgag.ch
stgag.ch
www.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
stg-xapf.stgag.ch
am.stgag.ch
nova-sc.stgag.ch
stgag.ch
*.stgag.ch
stgag.ch
stgag.ch
jobportal.stgag.ch
pol.swiss
www.stgag.ch
imito.stgag.ch
imito.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
pol.swiss
expe.stgag.ch
*.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
*.stgag.ch
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
imito-test.stgag.ch
imito.stgag.ch
pol.swiss
jobportal.stgag.ch
jobportal.stgag.ch
stg-xapf.stgag.ch
stgag.ch
pol.swiss
jobportal.stgag.ch
stg-xapf.stgag.ch
expe.stgag.ch
www.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
imito.stgag.ch
stg-wifi-gast.stgag.ch
*.stgag.ch
imito.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
pol.swiss
imito-test.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
nova-sc.stgag.ch
imito-test.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
rekrutierung.stgag.ch
imito.stgag.ch
pol.swiss
stg-wifi-gast.stgag.ch
stgag.ch
jobportal.stgag.ch
af.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
am.stgag.ch
stgag.ch
stg-xapf.stgag.ch
af.stgag.ch
www.stgag.ch
pol.swiss
pol.swiss
pol.swiss
rekrutierung.stgag.ch
pol.swiss
pol.swiss
stgag.ch
imito-test.stgag.ch
pol.swiss
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
pol.swiss
www.stgag.ch
mail.stgag.ch
pol.swiss
www.stgag.ch
stgag.ch
www.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
stg-xapf.stgag.ch
am.stgag.ch
nova-sc.stgag.ch
stgag.ch
*.stgag.ch
stgag.ch
stgag.ch
jobportal.stgag.ch
pol.swiss
www.stgag.ch
imito.stgag.ch
imito.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
pol.swiss
expe.stgag.ch
*.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
*.stgag.ch
imito.stgag.ch
imito-test.stgag.ch
pol.swiss
imito-test.stgag.ch
imito.stgag.ch
pol.swiss
jobportal.stgag.ch
jobportal.stgag.ch
stg-xapf.stgag.ch
stgag.ch
pol.swiss
jobportal.stgag.ch
stg-xapf.stgag.ch
expe.stgag.ch
www.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
imito.stgag.ch
stg-wifi-gast.stgag.ch
*.stgag.ch
imito.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
pol.swiss
imito-test.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
nova-sc.stgag.ch
imito-test.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
rekrutierung.stgag.ch
imito.stgag.ch
pol.swiss
stg-wifi-gast.stgag.ch
stgag.ch
jobportal.stgag.ch
af.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
am.stgag.ch
stgag.ch
stg-xapf.stgag.ch
Certificate
The complete raw certificate details for nova-sc.stgag.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIdjCCBl6gAwIBAgIUf0Y+GLEmOj87uknA+G/YJkquTYQwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDQwMjA5 MzUyM1oXDTI1MDQwMjA5MzUyM1owGzEZMBcGA1UEAxMQbm92YS1zYy5zdGdhZy5j aDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI56APJcFWxlIoccPcay 2wjNuPMVbDIwt9aBEWS69NeIDHgCQae6NrxnVw9AvvJp/D0zVHxbtHbNKopLWsSz qxLKL6D763eucVfRK8CqF1WZGPNXwCuJJoq+x84DGJBfI3zYZfu5WLbqFBg27K4r X3WajsI1TyuQe2PWN1nzUn23U1wIRGpu5Ryn60Ry9wpz8EQJFth5B3oMODSj1q6V X9szjeTsmNzhrG03pUNKPqCgaHJgsPJg3uDexbPSKFED9rjapHqBc0y66fvbhsER Y2aE9FvPpFzRoaeaxvcH4VcniL1YLAvlZpqnl0NmsX8kHeoSvwOXm1moMnyTIl6A j5ECAwEAAaOCBHswggR3MIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZA aHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTFiODYzMzg1LWY0YTktNDdmYS04 OGE1LTJhNWFiZmQ0YTE2NzBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3Nz aWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjcz ZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECATAIBgYEAI96AQYwUAYIYIV0AVkCAQEw RDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20v U3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9j cmwuc3dpc3NzaWduLmNoL2NkcC02Nzk3MjNiMi04NjQxLTQ2NDItODUwMC1mNmQy ZmYzN2U2YmEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB /wQEAwIFoDAbBgNVHREEFDASghBub3ZhLXNjLnN0Z2FnLmNoMB0GA1UdDgQWBBSR VxQ05ToXlB2k6njcqV5i+f2IrTAfBgNVHSMEGDAWgBTrvX9Jk4zJ7uyiuvcc0mfw g7Hq3jCCAm4GCisGAQQB1nkCBAIEggJeBIICWgJYAHYATnWjJ1yaEMM4W2zU3z9S 6x3w4I4bjWnAsfpksWKaOd8AAAGOninN2QAABAMARzBFAiBUv79wcF35XgPJ8eoD CWPYR35rcSr9DsHloZad+OuSLAIhAIVpt01XGg0JfeUEDyFYXJyGHA7skJdRFMvw L7z23rY1AHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAGOninO XgAABAMARzBFAiBLyD1xcXYY1hDwAX4m5KRnPCXXa26MshxXVUry7lcDLQIhANoG 4gCriXfe2+Tf6uwMX/byKQoZfCs/LbTWcaaQYMzpAHUAKOKBOP2DIUXpqdaqdTdt g3eohRKzwH9yQUgh3L3pjGYAAAGOninRawAABAMARjBEAiBy//dWtw3JsrXaDggf 3rFsIDalW+OtKN6bJopVUhMHzQIgE8iUby611WkylzLNZuBG1kOCFbTBsThra2Qo dPf+RecAdgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY6eKc1J AAAEAwBHMEUCIQCLvMsf7+dlPIdhlhp7xLk1S4zsFZtP8DjSEbtSW8PIawIgCE21 e0/EzIMjkN9rZD0WRoYvoObbUsxWPckr8yFwhggAdwDM+w9qhXEJZf6Vm1PO6bJ8 IumFXA2XjbapflTA/kwNsAAAAY6eKc2RAAAEAwBIMEYCIQDhgzHpSQne1bNgo4sB r8vuTZ612ML+zZEvYI35b2QOtQIhAMecNlFn14flUlyfUwsFw4+3doKvXQTnG3zP QZMd4U6VMA0GCSqGSIb3DQEBCwUAA4ICAQBxhFRS8ZIvyTl19Verq90zU4o3XD/2 jrJHt+h9+r3XOPo9p3NsZWf/4z665ypkZ0+vaXnJk1LiJDbBogYKPNmjNjCS5a65 px3kzdstOBSQjJV+4xm7B59mynDYELi4Siua4nYIharFNdFXW1bIJ4s3Ktxk+LG8 yO4gPY2uhf2hmmZohQ6wa/p8IqVRe7mfdeNazRnQWL4gvePBanjkrcpuAjiTRqE2 PzylLIuqiw0kkcAOI10zh7NG0uvGPLUjCOEr6iUAyf3t6fu8yYb34GjOaNFTrjkv OoD7O7OejdBbFVbN4bserwbjWMc2jmxjhLFwkqEyix3QGChL023o3DVHVVVz6vpM Zo5MseKnEBrVTEEh3CZ+pQNarJ7FPnjjK/ueSVhknSW1SQv508KwkDzJG1e26yc9 Xjah8grCuQzJNvXL5TZelds97jJiW/P5Bwkal+1rRNP+0I9Hh2Bkof7QocrgKTGC wZr71Cx2h1QA4VWaC2l57G8XZk0rZ8pSxa905Scj0L6mkM2kNtjAUMdc24/S0/+7 pz/U/f0VvQpEvfuZwZXOHRSWQohSs5WvFWra/Xon+bdr/sMyp95TtA5NTdYkBxEc w/WBAXAX21PKs/qhuHLo3jLKyo2Ts5Quk8XhdfwJv/QeQoeRz9Kf6Xc/EBihZy3e 3coRWLVfh/fWhQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnoA8lwVbGUihxw9xrLb CM248xVsMjC31oERZLr014gMeAJBp7o2vGdXD0C+8mn8PTNUfFu0ds0qiktaxLOr EsovoPvrd65xV9ErwKoXVZkY81fAK4kmir7HzgMYkF8jfNhl+7lYtuoUGDbsritf dZqOwjVPK5B7Y9Y3WfNSfbdTXAhEam7lHKfrRHL3CnPwRAkW2HkHegw4NKPWrpVf 2zON5OyY3OGsbTelQ0o+oKBocmCw8mDe4N7Fs9IoUQP2uNqkeoFzTLrp+9uGwRFj ZoT0W8+kXNGhp5rG9wfhVyeIvVgsC+VmmqeXQ2axfyQd6hK/A5ebWagyfJMiXoCP kQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 726608289422501182359502493785922072259704278404 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-02 09:35:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-02 09:35:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nova-sc.stgag.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17986001570999465317146596315509860955848077125941741965505613120849680368163015978990730440070146993654397815319439324205762969639898406819828070074117158720036071881705929477567188915797865905798756799410469672138178104225633847733914002888797126359336292118896116117800310623781837705815239704962946132913264904601838231433114526834588529213090942943264510722109906671302224813484546595563151337759134780345269453397414833753037754121629143067880750652174312712783626394901481868736918515319459712974685347789360775185481942395769226124518557314839097669437805767291429322140514582409483248695726648391062108802961 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nova-sc.stgag.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 91571434e53a17941da4ea78dca95e62f9fd88ad . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes) 02580076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e9e29cdd90000040300473045022054bfbf70705df95e03c9f1ea030963d8477e6b712afd0ec1e5a1969df8eb922c0221008569b74d571a0d097de5040f21585c9c861c0eec90975114cbf02fbcf6deb6350076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018e9e29ce5e000004030047304502204bc83d71717618d610f0017e26e4a4673c25d76b6e8cb21c57554af2ee57032d022100da06e200ab8977dedbe4dfeaec0c5ff6f2290a197c2b3f2db4d671a69060cce900750028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018e9e29d16b0000040300463044022072fff756b70dc9b2b5da0e081fdeb16c2036a55be3ad28de9b268a55521307cd022013c8946f2eb5d569329732cd66e046d6438215b4c1b1386b6b642874f7fe45e7007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e9e29cd4900000403004730450221008bbccb1fefe7653c8761961a7bc4b9354b8cec159b4ff038d211bb525bc3c86b0220084db57b4fc4cc832390df6b643d1646862fa0e6db52cc563dc92bf321708608007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018e9e29cd910000040300483046022100e18331e94909ded5b360a38b01afcbee4d9eb5d8c2fecd912f608df96f640eb5022100c79c365167d787e5525c9f530b05c38fb77682af5d04e71b7ccf41931de14e95 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0071845452f1922fc93975f557ababdd33538a375c3ff68eb247b7e87dfabdd738fa3da7736c6567ffe33ebae72a64674faf6979c99352e22436c1a2060a3cd9a3363092e5aeb9a71de4cddb2d3814908c957ee319bb079f66ca70d810b8b84a2b9ae2760885aac535d1575b56c8278b372adc64f8b1bcc8ee203d8dae85fda19a6668850eb06bfa7c22a5517bb99f75e35acd19d058be20bde3c16a78e4adca6e02389346a1363f3ca52c8baa8b0d2491c00e235d3387b346d2ebc63cb52308e12bea2500c9fdede9fbbcc986f7e068ce68d153ae392f3a80fb3bb39e8dd05b1556cde1bb1eaf06e358c7368e6c6384b17092a1328b1dd018284bd36de8dc3547555573eafa4c668e4cb1e2a7101ad54c4121dc267ea5035aac9ec53e78e32bfb9e4958649d25b5490bf9d3c2b0903cc91b57b6eb273d5e36a1f20ac2b90cc936f5cbe5365e95db3dee32625bf3f907091a97ed6b44d3fed08f47876064a1fed0a1cae0293182c19afbd42c76875400e1559a0b6979ec6f17664d2b67ca52c5af74e52723d0bea690cda436d8c050c75cdb8fd2d3ffbba73fd4fdfd15bd0a44bdfb99c195ce1d1496428852b395af156adafd7a27f9b76bfec332a7de53b40e4d4dd62407111cc3f581017017db53cab3faa1b872e8de32caca8d93b3942e93c5e175fc09bff41e428791cfd29fe9773f1018a1672ddeddca1158b55f87f7d685