login.sartorius.com
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 5e:ab:f7:d7:8b:7a:32:a1:e7:c1:53:67:33:b0:d4:39:32:b0:54:6d was issued on by SwissSign AG.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=login.sartorius.com
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 5e:ab:f7:d7:8b:7a:32:a1:e7:c1:53:67:33:b0:d4:39:32:b0:54:6dSerial Number (int): 540480149967120863196593149562813978662163993709
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 5b:c5:3d:80:7d:6d:6a:94:c7:13:d6:f3:bb:ff:b3:63:fa:79:b4:e3
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): 78:94:8d:43:bb:2a:76:30:af:e1:70:e2:3c:bf:bc:88:e2:d1:46:05
Fingerprint (sha256): 42:0b:42:86:bc:ab:5f:4b:98:d9:4f:a9:4d:4c:3c:bd:c8:45:d0:c0:9f:a9:fe:5d:a3:5a:1f:4b:6c:9b:2e:36
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate login.sartorius.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for login.sartorius.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
login.sartorius.com
Other certificates including the domain name sartorius.com
(limited to 100 certificates)
cert00068-azurecdn.akamaized.net
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
eshop.sartorius.com
api-qa.sartorius.com
*.scp.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
eshop-qa.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
ir-berichte.sartorius.de
btconfigurator-dev2.sartorius.com
su-adp-presentation.sartorius.com
*.portal.sartorius.com
cert00068-azurecdn.akamaized.net
jira.sartorius.com
am.vpn.sartorius.com
cert00068-azurecdn.akamaized.net
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
www.sartorius.com
sfpi-test.sartorius.com
go.sartorius.com
bioprocess-sandbox.sartorius.com
configurator-presentation.sartorius.com
serviceshop.sartorius.de
login.sartorius.com
click.sartorius.com
go.sartorius.com
owa.sartorius.com
sentry-c1.sartorius.com
sentry-access.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
eshop.sartorius.com
api-qa.sartorius.com
*.scp.sartorius.com
*.scp.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
su-adp-presentation.sartorius.com
open-access.sartorius.com
configurator-training.sartorius.com
www.shop-wer.de
shop.sartorius.com
dam-qa.sartorius.com
www.sartorius.com
ecoach.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
upload.sartorius.com
btconfigurator.sartorius.com
jira.sartorius.com
de91vaucxwye01.sartorius.com
*.portal-q.sartorius.com
git.sartorius.com
ecoach.sartorius.com
configurator-training.sartorius.com
verical.sartorius.com
eshop-qa.sartorius.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
developer-qa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
go.sartorius.com
uc-gw.sartorius.com
*.sartorius.com
btconfigurator-dev.sartorius.com
sartdam.sartorius.com
btconfigurator-dev3.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
cert00068-azurecdn.akamaized.net
ir-reports.sartorius.com
brm.sartorius.com
developer-qa.sartorius.com
bioprocess-test.sartorius.com
*.scp.sartorius.com
mobile-test.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev.sartorius.com
cert00068-azurecdn.akamaized.net
git.sartorius.com
serviceshop.sartorius.de
owa.sartorius.com
dam-qa.sartorius.com
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
cert00068-azurecdn.akamaized.net
sartdam.sartorius.com
cert00068-azurecdn.akamaized.net
btconfigurator-dev2.sartorius.com
serviceshop.sartorius.de
jira.sartorius.com
owa.sartorius.com
cert00068-azurecdn.akamaized.net
config-data-downloads.sartorius.com
cert00068-azurecdn.akamaized.net
bi-test.sartorius.com
studio.sartorius.com
www.shop-wer.de
Sartorius Corporate Administration GmbH
lps-globalsalesmeeting.sartorius.com
mobile.sartorius.com
login-test.sartorius.com
btconfigurator-dev3.sartorius.com
ir-berichte.sartorius.de
btconfigurator-dev2.sartorius.com
su-adp-presentation.sartorius.com
*.portal.sartorius.com
cert00068-azurecdn.akamaized.net
jira.sartorius.com
am.vpn.sartorius.com
cert00068-azurecdn.akamaized.net
www.connect-upstream.com
cert00068-azurecdn.akamaized.net
www.sartorius.com
sfpi-test.sartorius.com
go.sartorius.com
bioprocess-sandbox.sartorius.com
configurator-presentation.sartorius.com
serviceshop.sartorius.de
login.sartorius.com
click.sartorius.com
Certificate
The complete raw certificate details for login.sartorius.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKLzCCCBegAwIBAgIUXqv314t6MqHnwVNnM7DUOTKwVG0wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMDExMzA4 MzA0M1oXDTIzMDExMzA4MzA0M1owHjEcMBoGA1UEAxMTbG9naW4uc2FydG9yaXVz LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANCHF0w3ciMs0Qig CpToARxpR/5pIsGpbr+aR06k3OZMclUBCRmZAg8BbZm5LEaG9kGQh8SdaGPQb3T7 1eWdHBqT4b3fe/kND2pgMqQ1/ZVvx0do5eXa7mPGX8r7ZIw7j2QUxxRAWeNladDU ie3B/jobMDeaFb/3yC/eI5z+TpwgkaF5+0+DRfmM8WOE95FfNC5yBeuuOBeJSK8m QoMznTQEJ0VLdWPKhIspuBo5fOQXEatNetPgSyP3YX1nrE3zroaFPvu4ms3tCo1I 86gOrnot8kAlxPNXI4dWJmSgzGDza2whyrp+6Z+oJf92EYrWFGjH1eBbZE/Og58o gvyEOHUCAwEAAaOCBjEwggYtMB4GA1UdEQQXMBWCE2xvZ2luLnNhcnRvcml1cy5j b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAdBgNVHQ4EFgQUW8U9gH1tapTHE9bzu/+zY/p5tOMwHwYDVR0jBBgwFoAUPJ5S eQNjb0+cgRvTKHAMJFrqpYcwgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2Ny bC5zd2lzc3NpZ24ubmV0LzNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0 NUFFQUE1ODcwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5u ZXQvQ049M0M5RTUyNzkwMzYzNkY0RjlDODExQkQzMjg3MDBDMjQ1QUVBQTU4NyUy Q089U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jh c2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwbwYDVR0gBGgwZjBQ BghghXQBWQIBATBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dp c3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwCAYGBACPegEGMAgGBmeB DAECATCBxgYIKwYBBQUHAQEEgbkwgbYwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lz c3NpZ24ubmV0L2NnaS1iaW4vYXV0aG9yaXR5L2Rvd25sb2FkLzNDOUU1Mjc5MDM2 MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODcwTgYIKwYBBQUHMAGGQmh0dHA6 Ly9vY3NwLnN3aXNzc2lnbi5uZXQvM0M5RTUyNzkwMzYzNkY0RjlDODExQkQzMjg3 MDBDMjQ1QUVBQTU4NzCCA14GCisGAQQB1nkCBAIEggNOBIIDSgNIAHYAVYHUwhaQ NgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAF+Uo+KjQAABAMARzBFAiEA5Cd1 pYiXQBxwxui/k5lzgQIgW5FRodoF0n9tmaNGOOgCIAr8oJSWYId6VC295eBD9O7k xlapkgFcDsVmZPd5I4MiAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo3 2RMAAAF+Uo+JtAAABAMARzBFAiAPq0H4lAYXEsItF6uF6gnMpJ/YM1ZsIKNNlvB8 tw91LgIhAPMIqhTQFvlo9aaAj+5x1cF111aS5nnFJEAGteMFDWnfAHYAejKMVNi3 LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAF+Uo+KHQAABAMARzBFAiEAkmhl UbkUjDmemDVZV/UlN67PNFj4gpUJTSceX12wGdoCIFrtOcRuhztffrd/7U7sdaiW 4AG9WnuB6P2QjXc2rsb5AHYArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvc gooAAAF+Uo+JowAABAMARzBFAiEAw73G2M70nhQuenyXZRAoUAIMwq8iUUC9b+jT def+cMQCIFRgeFZBuRkUyUxolQDkr2hbqASm6xZPexPVTv8tfDLFAHcAs3N3B+GE UPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAF+Uo+LFgAABAMASDBGAiEA3yZN sGqxPY8P9Bw5/pZItE8PjHdnOySO/ukqbvGvWN0CIQCCn4XYCcOr7vQmYoZvXZvo A/sxWwYjiupaIY8RlKqo8QB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31t Br1uAAABflKPixkAAAQDAEcwRQIgcKHfULoKYsyURdrtEkaOVUCg4HR/hnQ7M/qU pwI2utECIQChjriFR6Jg1MgLvPQD5fuMzLX9VRBSPU1HXYbr1ofVVAB1AOh+p2YL wmz2AC71cl0/4OMxuTk7uS+/WOs7kEna9UNaAAABflKPjhwAAAQDAEYwRAIgPybR AtFPL+H+YrhHGeP7aMdFDIICxF8r01xEfSs3aXcCIEwiHdIvKMR6B1NyQkWGFad9 AL2/PM7KAwp35n5bItTzMA0GCSqGSIb3DQEBCwUAA4ICAQBa7JGzBhqz+BE6DswK jqtNix5Jy9JEIUNMN9m7D7RLavplGesLs/1M0DFmxIGbMtvSovpN406jipEqpJoN TSAEerZe9xEarm8Lgq0NXdL9iDoNWhWY82WYK+hmhtV8yvKFOVtGvy9u2uNMyQ3V dCpcd5GNZXphmp/DCtTsgVhd7PkI0QCY0mlqEaNYtLHLo+oQBvJvyNZMpWKSYhJO KXzJui3MMcNN/lfl3u/DhVTS9220WYCbI0PyUYnebRWDHr/TjYSvvWecYDL3E943 BtTxGBBNomKc3A++BFzt217IWf3/iuVvYgNX8Km2n8Q9Ehy6h5nE5KhX9/DkY88W vxgjsuoii0ESrIRw2WCoK7vSux2t0/VNq2QGGkCnoTNmeUirP+1dCPOxNz7AgFT8 +HvoIUXTthgSTs6EmQs0244tCh7Gi5RdVHGwH1GMgxNF4LvMFOsR9dShOFwk6ekN r9940J8ngOXzw+pQPq/f2jO0llKpFKEknOjSP0S54AwRW563G4QAnnOkR7seWFyK oS75A+MqekQ+jWBNS2bLZB7bYeqZZrz5L28SDtObf9Jpga7ZXGQBrQD576KCHvkC aywNreag07NC9xeN0z/YLCNGCHOByqvwRsgKq5aFpHWHXB7+jPsOQ/lQkmcv3YRL +tSks+dKWw/YGJkCC078tAXleA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IcXTDdyIyzRCKAKlOgB HGlH/mkiwaluv5pHTqTc5kxyVQEJGZkCDwFtmbksRob2QZCHxJ1oY9BvdPvV5Z0c GpPhvd97+Q0PamAypDX9lW/HR2jl5druY8ZfyvtkjDuPZBTHFEBZ42Vp0NSJ7cH+ OhswN5oVv/fIL94jnP5OnCCRoXn7T4NF+YzxY4T3kV80LnIF6644F4lIryZCgzOd NAQnRUt1Y8qEiym4Gjl85BcRq0160+BLI/dhfWesTfOuhoU++7iaze0KjUjzqA6u ei3yQCXE81cjh1YmZKDMYPNrbCHKun7pn6gl/3YRitYUaMfV4FtkT86DnyiC/IQ4 dQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 540480149967120863196593149562813978662163993709 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-13 08:30:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-13 08:30:43 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'login.sartorius.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26324183291162242505253733853896120971790809962607720188603967334816590651111585849557691816053403165844857628206404549992282233367179493269094474535765720622239548845032927109567464625552735510620935634035923844082781551751073934530192575992934105591447313362085483703360427938147126163406163308915657393267871516073314891031974469145251257151700845079611417923903758042713543615189642999218544329618997853236764610907943375464321331281945711057227791641288169545252717999676796027940607874665618376123592715278869737273837829306812537232094579893336393116160463328568681064790984355688606191733744047728097927379061 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.sartorius.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5bc53d807d6d6a94c713d6f3bbffb363fa79b4e3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (846 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (842 bytes) 03480076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017e528f8a8d0000040300473045022100e42775a58897401c70c6e8bf9399738102205b9151a1da05d27f6d99a34638e802200afca0949660877a542dbde5e043f4eee4c656a992015c0ec56664f7792383220076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017e528f89b4000004030047304502200fab41f894061712c22d17ab85ea09cca49fd833566c20a34d96f07cb70f752e022100f308aa14d016f968f5a6808fee71d5c175d75692e679c5244006b5e3050d69df0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017e528f8a1d000004030047304502210092686551b9148c399e98355957f52537aecf3458f88295094d271e5f5db019da02205aed39c46e873b5f7eb77fed4eec75a896e001bd5a7b81e8fd908d7736aec6f9007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017e528f89a30000040300473045022100c3bdc6d8cef49e142e7a7c9765102850020cc2af225140bd6fe8d375e7fe70c402205460785641b91914c94c689500e4af685ba804a6eb164f7b13d54eff2d7c32c5007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017e528f8b160000040300483046022100df264db06ab13d8f0ff41c39fe9648b44f0f8c77673b248efee92a6ef1af58dd022100829f85d809c3abeef42662866f5d9be803fb315b06238aea5a218f1194aaa8f1007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017e528f8b190000040300473045022070a1df50ba0a62cc9445daed12468e5540a0e0747f86743b33fa94a70236bad1022100a18eb88547a260d4c80bbcf403e5fb8cccb5fd5510523d4d475d86ebd687d554007500e87ea7660bc26cf6002ef5725d3fe0e331b9393bb92fbf58eb3b9049daf5435a0000017e528f8e1c000004030046304402203f26d102d14f2fe1fe62b84719e3fb68c7450c8202c45f2bd35c447d2b37697702204c221dd22f28c47a07537242458615a77d00bdbf3cceca030a77e67e5b22d4f3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 005aec91b3061ab3f8113a0ecc0a8eab4d8b1e49cbd24421434c37d9bb0fb44b6afa6519eb0bb3fd4cd03166c4819b32dbd2a2fa4de34ea38a912aa49a0d4d20047ab65ef7111aae6f0b82ad0d5dd2fd883a0d5a1598f365982be86686d57ccaf285395b46bf2f6edae34cc90dd5742a5c77918d657a619a9fc30ad4ec81585decf908d10098d2696a11a358b4b1cba3ea1006f26fc8d64ca5629262124e297cc9ba2dcc31c34dfe57e5deefc38554d2f76db459809b2343f25189de6d15831ebfd38d84afbd679c6032f713de3706d4f118104da2629cdc0fbe045ceddb5ec859fdff8ae56f620357f0a9b69fc43d121cba8799c4e4a857f7f0e463cf16bf1823b2ea228b4112ac8470d960a82bbbd2bb1dadd3f54dab64061a40a7a133667948ab3fed5d08f3b1373ec08054fcf87be82145d3b618124ece84990b34db8e2d0a1ec68b945d5471b01f518c831345e0bbcc14eb11f5d4a1385c24e9e90dafdf78d09f2780e5f3c3ea503eafdfda33b49652a914a1249ce8d23f44b9e00c115b9eb71b84009e73a447bb1e585c8aa12ef903e32a7a443e8d604d4b66cb641edb61ea9966bcf92f6f120ed39b7fd26981aed95c6401ad00f9efa2821ef9026b2c0dade6a0d3b342f7178dd33fd82c2346087381caabf046c80aab9685a475875c1efe8cfb0e43f95092672fdd844bfad4a4b3e74a5b0fd81899020b4efcb405e578