epd-prod.thurmed.ch
- thurmed AG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 3b:52:64:81:79:ae:42:45:de:28:19:98:f7:a2:4e:79:94:97:0a:22 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
thurmed AG
Organization:
thurmed AG
State / Province:
TG
Locality: Frauenfeld
Country: CH
Locality: Frauenfeld
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 3b:52:64:81:79:ae:42:45:de:28:19:98:f7:a2:4e:79:94:97:0a:22Serial Number (int): 338667871871645943170978952070959137249012681250
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: e4:b8:b5:00:de:fe:0c:37:cf:a4:49:0e:ac:20:48:a7:90:50:db:e7
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): f8:fa:22:18:ce:6b:72:40:6c:67:cd:83:d4:65:c3:c8:ac:2a:49:e2
Fingerprint (sha256): 4b:44:b8:86:7b:f9:fd:dd:44:4b:07:82:6f:c6:08:9a:40:06:2a:68:01:0e:e1:e8:47:fb:b8:f6:8a:15:f0:db
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate epd-prod.thurmed.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for epd-prod.thurmed.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
epd-prod.thurmed.ch
Other certificates including the domain name thurmed.ch
(limited to 100 certificates)
am.thurmed.ch
af.thurmed.ch
epd-prod.thurmed.ch
am.thurmed.ch
af.thurmed.ch
af.thurmed.ch
af.thurmed.ch
aft.thurmed.ch
epd-prod.thurmed.ch
epd-prod.thurmed.ch
expe.stgag.ch
epd-test.thurmed.ch
af.thurmed.ch
aft.thurmed.ch
stgag.ch
expe.stgag.ch
af.thurmed.ch
amt.thurmed.ch
epd-prod.thurmed.ch
amt.thurmed.ch
epd-test.thurmed.ch
stgag.ch
af.thurmed.ch
epd-prod.thurmed.ch
am.thurmed.ch
af.thurmed.ch
af.thurmed.ch
af.thurmed.ch
aft.thurmed.ch
epd-prod.thurmed.ch
epd-prod.thurmed.ch
expe.stgag.ch
epd-test.thurmed.ch
af.thurmed.ch
aft.thurmed.ch
stgag.ch
expe.stgag.ch
af.thurmed.ch
amt.thurmed.ch
epd-prod.thurmed.ch
amt.thurmed.ch
epd-test.thurmed.ch
stgag.ch
Certificate
The complete raw certificate details for epd-prod.thurmed.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIwjCCBqqgAwIBAgIUO1JkgXmuQkXeKBmY96JOeZSXCiIwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDUyNDEx MDYwOFoXDTI1MDUyNDExMDYwOFowYjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlRH MRMwEQYDVQQHDApGcmF1ZW5mZWxkMRMwEQYDVQQKDAp0aHVybWVkIEFHMRwwGgYD VQQDExNlcGQtcHJvZC50aHVybWVkLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAzB97KI2nHZ9eaDbi8IIR6vyIXf+CcY4+E9GvhthyNUabzX6KomNE zcOQM6p9LUXnp2mik5TvQZACBqzHhcB8qySrBvN8zHhnlt/LnEU8W2ush8NFLU3S gY87/ds6ZkzeFGU8pM7jll1NoEbiNkU7731IxfaELMaEqS7Ic9bppvyjK8VjoLMz fj9IEmFwhtBe/xEpZb8kSn/RtQBPGiVqpFMgVlh22lvwpeKzlkmeo95PESkgwAZV pguAaSlqnIFvqR1Zp9zqb8tNhkjsRxt+NbXoQAfF17lzMh0uD26I6bpUORF7iW6S lvOxJqWm016ENwzoZJgFs40k5o/RVpCayQIDAQABo4IEgDCCBHwwgbIGCCsGAQUF BwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9h aXItMGYyYmY5YTUtZGQzNy00OGM5LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUF BzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUt NjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQIC MAgGBgQAj3oBBzBQBghghXQBWQIBAjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3Jl cG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYD VR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYy ZjVhLTZiNzMtNGRhNC04N2Y3LWNlNDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMB4GA1UdEQQXMBWCE2VwZC1w cm9kLnRodXJtZWQuY2gwHQYDVR0OBBYEFOS4tQDe/gw3z6RJDqwgSKeQUNvnMB8G A1UdIwQYMBaAFHxvCm8TD9mMJG8mNPNca0NttyO2MIICcAYKKwYBBAHWeQIEAgSC AmAEggJcAloAdwAo4oE4/YMhRemp1qp1N22Dd6iFErPAf3JBSCHcvemMZgAAAY+q R5fxAAAEAwBIMEYCIQCnkGBoLUKR+GfXp6kOu58QMjJPS00yBInxOFM32V9UtgIh AKRVuuwS6k+WMWSENY9yV522CkjEr2W7Ma7GNHYT14pBAHcA4JKz/AwdyOdoNh/e YbmWTQpSeBmKctZyxLBNpW1vVAQAAAGPqkeUzgAABAMASDBGAiEA0y3gNo/lOwv6 ti2dmWIBhmc99lpPKhiCuQPII79eRCQCIQDqKjmt4ODJqKXsVLcV6jSqqoDHTaA7 57glGkQK6Ho95gB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAAB j6pHk64AAAQDAEcwRQIhAJD4wy6CL9QcV/dbmaW/vWEJTuyahxFdSQneu2265e/7 AiBQyo9LPwcuV9PcOeH6uPJ7UtJOG0wKmd0NlAQYUQptnQB2AMz7D2qFcQll/pWb U87psnwi6YVcDZeNtql+VMD+TA2wAAABj6pHlQQAAAQDAEcwRQIhAJNGPkLkItG2 ROwvDRgYgR3r6nqOZg686a5erK7oK7TOAiBeeYWuy9ra7kAm0fmj16up14K7WetR dUoSHmr2ei7IGgB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAAB j6pHk/EAAAQDAEcwRQIhAISQuutofRxLFyDqpd6jp/5VPEAIxiAW/KLyPTzwrq12 AiBBBo6J3tbkP5PLauHOPW1Vicle2iVTQJCcZ1R3PXumUDANBgkqhkiG9w0BAQsF AAOCAgEAQyz/xNo8B6a83Y9YGO/w4zutzR8IejJ5xvkWNAP8ZT7dvO/amwL3DPS3 GxKf5mc9Jn+Jt/A/yhrlXMfw6z2MMQPIKcDPlbYIdZ2HdgbbTEvinPm6hixIciO2 LuGUzcP4d0G90/hlzy/A8Fnw+41fdOZ7uhLLFWp1KExJU7B7ImsgyUnkpNLl4ugm 4yONtCL1evI8kIdZsqxTxNYvwDlw6VtiC5HrGKg0NmgeGIDS/1Q7bietE+aQ5Mns n+icJksc9YWo6En158O9chQZy1IX53BmC6Gy1SAkKr9JChH0vVQPqfMckqtFzzvL wiadIPxyCg5CbiJASCCagnZ6gk8+yvsDNb59PeT/S1SIeJ1pvF77TanaoXzfYeFB VAE0OovdZO6002pAZFC+Dymx1xYg49azREcUfUAIz2j0Pufi04gT/dX6svEAlxYa aCuV3mGYSojfW+bGwBwME74x6UUdzKhL4Ymi5GPz1/p8XFs+kaTXht2NbbKnCqwm LM7BIyyJPZKF2FR1TJGbrZjFOzE7dsrDJe3ls6LtiCEIuParsn5lhHuDklqliUjH Jj4VGqJBxG1sChyrY/yrmLlDFLBl/4cJYBXrHqzHuBsSFL9RFlaCvnsGRZetksuD drlBdLQWr3wdPJ5yuv+oKrEDFsMsyvM3ph5K1edUk2tlfVlL79E= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB97KI2nHZ9eaDbi8IIR 6vyIXf+CcY4+E9GvhthyNUabzX6KomNEzcOQM6p9LUXnp2mik5TvQZACBqzHhcB8 qySrBvN8zHhnlt/LnEU8W2ush8NFLU3SgY87/ds6ZkzeFGU8pM7jll1NoEbiNkU7 731IxfaELMaEqS7Ic9bppvyjK8VjoLMzfj9IEmFwhtBe/xEpZb8kSn/RtQBPGiVq pFMgVlh22lvwpeKzlkmeo95PESkgwAZVpguAaSlqnIFvqR1Zp9zqb8tNhkjsRxt+ NbXoQAfF17lzMh0uD26I6bpUORF7iW6SlvOxJqWm016ENwzoZJgFs40k5o/RVpCa yQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338667871871645943170978952070959137249012681250 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-24 11:06:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-24 11:06:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Frauenfeld' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'thurmed AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'epd-prod.thurmed.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25768138115928046621735146958877736553970048672304805404847350797226037981708436948362240059635165997628807762468958230205617946869347840067990148033081994162358433216485161571820746376661996179729517317827641721907161304998827416650140137550559183683088084865675517337372801705004617128548732336683602521945703732071061536198001984816772953415605872853960434377714133045633167419530926112471208757614443712882105789020543134346036949109682255267932902682643939193873405480849558264105982278880953701702145140202783386211560662365880174351325833346729726357421471448724177241950041881404812048283277931990358500088521 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'epd-prod.thurmed.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e4b8b500defe0c37cfa4490eac2048a79050dbe7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (608 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (604 bytes) 025a00770028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018faa4797f10000040300483046022100a79060682d4291f867d7a7a90ebb9f1032324f4b4d320489f1385337d95f54b6022100a455baec12ea4f96316484358f72579db60a48c4af65bb31aec6347613d78a41007700e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018faa4794ce0000040300483046022100d32de0368fe53b0bfab62d9d99620186673df65a4f2a1882b903c823bf5e4424022100ea2a39ade0e0c9a8a5ec54b715ea34aaaa80c74da03be7b8251a440ae87a3de6007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018faa4793ae000004030047304502210090f8c32e822fd41c57f75b99a5bfbd61094eec9a87115d4909debb6dbae5effb022050ca8f4b3f072e57d3dc39e1fab8f27b52d24e1b4c0a99dd0d940418510a6d9d007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018faa479504000004030047304502210093463e42e422d1b644ec2f0d1818811debea7a8e660ebce9ae5eacaee82bb4ce02205e7985aecbdadaee4026d1f9a3d7aba9d782bb59eb51754a121e6af67a2ec81a0076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018faa4793f100000403004730450221008490baeb687d1c4b1720eaa5dea3a7fe553c4008c62016fca2f23d3cf0aead76022041068e89ded6e43f93cb6ae1ce3d6d5589c95eda255340909c6754773d7ba650 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00432cffc4da3c07a6bcdd8f5818eff0e33badcd1f087a3279c6f9163403fc653eddbcefda9b02f70cf4b71b129fe6673d267f89b7f03fca1ae55cc7f0eb3d8c3103c829c0cf95b608759d877606db4c4be29cf9ba862c487223b62ee194cdc3f87741bdd3f865cf2fc0f059f0fb8d5f74e67bba12cb156a75284c4953b07b226b20c949e4a4d2e5e2e826e3238db422f57af23c908759b2ac53c4d62fc03970e95b620b91eb18a83436681e1880d2ff543b6e27ad13e690e4c9ec9fe89c264b1cf585a8e849f5e7c3bd721419cb5217e770660ba1b2d520242abf490a11f4bd540fa9f31c92ab45cf3bcbc2269d20fc720a0e426e224048209a82767a824f3ecafb0335be7d3de4ff4b5488789d69bc5efb4da9daa17cdf61e1415401343a8bdd64eeb4d36a406450be0f29b1d71620e3d6b34447147d4008cf68f43ee7e2d38813fdd5fab2f10097161a682b95de61984a88df5be6c6c01c0c13be31e9451dcca84be189a2e463f3d7fa7c5c5b3e91a4d786dd8d6db2a70aac262ccec1232c893d9285d854754c919bad98c53b313b76cac325ede5b3a2ed882108b8f6abb27e65847b83925aa58948c7263e151aa241c46d6c0a1cab63fcab98b94314b065ff87096015eb1eacc7b81b1214bf51165682be7b064597ad92cb8376b94174b416af7c1d3c9e72baffa82ab10316c32ccaf337a61e4ad5e754936b657d594befd1