www.bzv-medienhaus.de

- BZV Medienhaus GmbH -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 12:69:4b:ad:3a:7c:90:3c:89:fa:45:00:0a:b7:b0:dd:e5:15:86:1b was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

BZV Medienhaus GmbH

Organization: BZV Medienhaus GmbH
Organization unit: Online
State / Province: Niedersachsen
Locality: Braunschweig
Country: DE

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 12:69:4b:ad:3a:7c:90:3c:89:fa:45:00:0a:b7:b0:dd:e5:15:86:1b
Serial Number (int): 105110004488711180236268635770508928523837998619
Serial Number lenght: 157 bits, 20 octets

SubjectKeyId: 83:43:e2:7c:ae:f2:60:dc:48:97:fb:47:cd:db:27:5f:08:72:57:3b
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): 7f:47:b3:01:c2:5e:26:9f:bf:4f:59:2b:c1:90:c4:59:e2:0b:1f:26
Fingerprint (sha256): 3e:8a:ad:ab:67:38:90:96:5a:86:77:98:03:63:c9:d8:d5:2c:30:6b:a6:e1:9a:65:48:1a:20:90:88:a6:bb:99

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate www.bzv-medienhaus.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.bzv-medienhaus.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.bzv-medienhaus.de
bzv-medienhaus.de

Other certificates including the domain name bzv-medienhaus.de

(limited to 100 certificates)
bzv-medienhaus.de
bzv-medienhaus.de
*.funkemedien.de
www.funkemedien.de
bzv-medienhaus.de
www.funkemedien.de
*.fabo-live.funkemedien.de
bzv-medienhaus.de
bzv-medienhaus.de
bzv-medienhaus.de
bzv-medienhaus.de
*.funkemedien.de
www.bzv-medienhaus.de
www.funkemedien.de
*.fabo-live.funkemedien.de
*.funkemedien.de
bzv-medienhaus.de
*.funkemedien.de
bzv-medienhaus.de
bzv-medienhaus.de
bzv-medienhaus.de
bzv-medienhaus.de
*.fabo-live.funkemedien.de
*.funkemedien.de
www.bzv-medienhaus.de
bzv-medienhaus.de
www.funkemedien.de
bzv-medienhaus.de
*.funkemedien.de
www.bzv-medienhaus.de
bzv-medienhaus.de
*.fabo-live.funkemedien.de
www.bzv-medienhaus.de
bzv-medienhaus.de
www.funkemedien.de
www.funkemedien.de
www.funkemedien.de
bzv-medienhaus.de
bzv-medienhaus.de
bzv-medienhaus.de
www.bzv-medienhaus.de
bzv-medienhaus.de
bzv-medienhaus.de
www.bzv-medienhaus.de
*.fabo-live.funkemedien.de
*.fabo-live.funkemedien.de
*.funkemedien.de

Certificate

The complete raw certificate details for www.bzv-medienhaus.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIXjCCB0agAwIBAgIUEmlLrTp8kDyJ+kUACrew3eUVhhswDQYJKoZIhvcNAQEL
BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE
AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTkwMjI1
MDkyOTM5WhcNMjEwMjI1MDkyOTM5WjCBizELMAkGA1UEBhMCREUxFjAUBgNVBAgT
DU5pZWRlcnNhY2hzZW4xFTATBgNVBAcTDEJyYXVuc2Nod2VpZzEcMBoGA1UEChMT
QlpWIE1lZGllbmhhdXMgR21iSDEPMA0GA1UECxMGT25saW5lMR4wHAYDVQQDExV3
d3cuYnp2LW1lZGllbmhhdXMuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDqRiwXp8hFPKBeXfvVoSTakFTNVXRfpyVKScqR7UCixOPRhWHfTLt/0oZK
RUJA6LBloaI+cJAEJJT3ZuNHjqKLWgNx3m+Vq/Hr2o0+wBVj/g3M6p3WXOUWsweu
0MyMtCK82nB3XgFltiHkRNaeIAQ7s2R1Ac1MwBM+3sfOvPahJcOwYVGi3YnL+/EL
zPDEnQ95IesEypkzNGB7LBu2cHI6bAkVMpVL9Ek+PP7lSoOSAkmuMhWl7xUiPQqr
VBMEz0MoXWbfFz9mjh9GSG6ZXZ/oAKvMO2UUwF1YQTBIFrkRfnzzEIIlT4zkKCfl
h96GGMG4QjDH19TT1Bk24mDy1P3XAgMBAAGjggTwMIIE7DAzBgNVHREELDAqghV3
d3cuYnp2LW1lZGllbmhhdXMuZGWCEWJ6di1tZWRpZW5oYXVzLmRlMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
FIND4nyu8mDcSJf7R83bJ18Iclc7MB8GA1UdIwQYMBaAFOfx5/0uU60R5YEaV6Rz
jxJ9mMiuMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWdu
Lm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThDOEFFMIGo
oIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPUU3RjFF
N0ZEMkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUlMkNPPVN3aXNzU2ln
biUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENs
YXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MHMGA1UdIARsMGowVAYJYIV0AVkBAgEL
MEcwRQYIKwYBBQUHAgEWOWh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20v
U3dpc3NTaWduLUdvbGQtQ1AtQ1BTLnBkZjAIBgYEAI96AQcwCAYGZ4EMAQICMIHV
BggrBgEFBQcBAQSByDCBxTBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5u
ZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvRTdGMUU3RkQyRTUzQUQxMUU1
ODExQTU3QTQ3MzhGMTI3RDk4QzhBRTBdBggrBgEFBQcwAYZRaHR0cDovL2dvbGQt
c2VydmVyLWcyLm9jc3Auc3dpc3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4
MTFBNTdBNDczOEYxMjdEOThDOEFFMIIB9QYKKwYBBAHWeQIEAgSCAeUEggHhAd8A
dgBElGUusO7Or8RAB9io/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWkj/RIKAAAEAwBH
MEUCIQCpfMcL0gU/9JTvAueeTb6ZpxKGEdYFYAQJhLWOIu7hWgIgQyZI3QW4qaON
Rgp594xlq0wBZpniaOz7V1d7IUbi4KoAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLB
ACkGjbIImjfZEwAAAWkj/RJoAAAEAwBHMEUCIQDypnYune5QqIBQL3HQYAziXG6h
jEYvGRDOb2RS3EJ9GQIgZqplZDG43bxe/GCVnibHldlV1R/wSJ5nUKHMB1/v+CIA
dQC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWkj/RGXAAAEAwBG
MEQCIBV473eNByKgNkWUDi+S9zaJjr6wV2e5hCgNVjiuQFVZAiA99i6sCXJBT9nt
lwqG52GbLIR318yjzcNQG1VHYUggjgB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLY
gwDEe4l6qP3LAAABaSP9EW8AAAQDAEcwRQIgUOnQCpGqnCDP3jG+JIc66z2DElD3
cZ1Hi20/zQuoJxUCIQC7qZc+QayS5YqDA5N9x+Y9mXTadzxN/4dYR8ZFr+3kFDAN
BgkqhkiG9w0BAQsFAAOCAQEAhYBWHqaNYgswQ7YUhCz2bls6fii4z96swEV5DWDv
cpXa87dLMhbgCYQ3N1R1n36fKQ7NM5P02yQuCvhiOukCMHUF2TI4ETzgtBOb7KV+
OceYerQ26jtE+4k4euX74oWCSjU7tnD6nZdrzTWFskk1zrT5KfXphUXgJnDcIRnP
gqXyrxVNPocX/C82R9wn+7crAHlY9ZmkMIe+ef2sxQJ2H5X2QQFuTyGthYWEnnmk
c3EWXEgIULjFq3xq3OorB99XPyZFgtmqHvr3NE8A6A0PVpQoATC6az/PEBxHCN/8
oZ27hBEwhMhpicBstrKjryAOAm4eTePcqtwuCOQRXJcTZA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kYsF6fIRTygXl371aEk
2pBUzVV0X6clSknKke1AosTj0YVh30y7f9KGSkVCQOiwZaGiPnCQBCSU92bjR46i
i1oDcd5vlavx69qNPsAVY/4NzOqd1lzlFrMHrtDMjLQivNpwd14BZbYh5ETWniAE
O7NkdQHNTMATPt7Hzrz2oSXDsGFRot2Jy/vxC8zwxJ0PeSHrBMqZMzRgeywbtnBy
OmwJFTKVS/RJPjz+5UqDkgJJrjIVpe8VIj0Kq1QTBM9DKF1m3xc/Zo4fRkhumV2f
6ACrzDtlFMBdWEEwSBa5EX588xCCJU+M5Cgn5YfehhjBuEIwx9fU09QZNuJg8tT9
1wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 105110004488711180236268635770508928523837998619
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-25 09:29:39 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-25 09:29:39 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Niedersachsen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Braunschweig'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BZV Medienhaus GmbH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Online'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bzv-medienhaus.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29574366581285662468163983715242876470280595783523844317284480476613937337858891639576014291879108042845994990639752458804514873512323728547800697617243977125464701484090018423754684291358307277180047056331935282889811041524785346751818446505918645862218021627786658225417563266009599337941098194614642579257951706831025292039042670363471105007992337494519930419879358908360742719287346684624463505988509965538097888156508360915316051901873430177927747804792546542604810383913580398562590187175798006634315303309640614337232572726380171979499059454071934542552805212307239162619105801005553974360242008318572909362647
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bzv-medienhaus.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bzv-medienhaus.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8343e27caef260dc4897fb47cddb275f0872573b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes)
							01df0076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016923fd120a0000040300473045022100a97cc70bd2053ff494ef02e79e4dbe99a7128611d60560040984b58e22eee15a0220432648dd05b8a9a38d460a79f78c65ab4c016699e268ecfb57577b2146e2e0aa0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016923fd12680000040300473045022100f2a6762e9dee50a880502f71d0600ce25c6ea18c462f1910ce6f6452dc427d19022066aa656431b8ddbc5efc60959e26c795d955d51ff0489e6750a1cc075feff822007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016923fd1197000004030046304402201578ef778d0722a03645940e2f92f736898ebeb05767b984280d5638ae40555902203df62eac0972414fd9ed970a86e7619b2c8477d7cca3cdc3501b55476148208e007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016923fd116f0000040300473045022050e9d00a91aa9c20cfde31be24873aeb3d831250f7719d478b6d3fcd0ba82715022100bba9973e41ac92e58a8303937dc7e63d9974da773c4dff875847c645afede414
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008580561ea68d620b3043b614842cf66e5b3a7e28b8cfdeacc045790d60ef7295daf3b74b3216e00984373754759f7e9f290ecd3393f4db242e0af8623ae902307505d93238113ce0b4139beca57e39c7987ab436ea3b44fb89387ae5fbe285824a353bb670fa9d976bcd3585b24935ceb4f929f5e98545e02670dc2119cf82a5f2af154d3e8717fc2f3647dc27fbb72b007958f599a43087be79fdacc502761f95f641016e4f21ad8585849e79a47371165c480850b8c5ab7c6adcea2b07df573f264582d9aa1efaf7344f00e80d0f5694280130ba6b3fcf101c4708dffca19dbb84113084c86989c06cb6b2a3af200e026e1e4de3dcaadc2e08e4115c971364