abz-ssl-client-dk.lidl.net

- Lidl Stiftung & Co. KG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 48:5f:a3:7e:2f:5c:88:13:85:21:fb:01:c6:61:5f:37:be:a5:39:4c was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Lidl Stiftung & Co. KG

Organization: Lidl Stiftung & Co. KG
State / Province: BW
Locality: Neckarsulm
Country: DE

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 48:5f:a3:7e:2f:5c:88:13:85:21:fb:01:c6:61:5f:37:be:a5:39:4c
Serial Number (int): 413180148534316130968802069289694384090092222796
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: c5:df:e6:0f:61:96:30:35:4e:e6:e1:28:b1:c5:11:47:cd:ee:20:9e
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 55:26:ab:37:4c:34:3b:bc:38:d1:82:9b:38:dc:6b:c0:2f:34:18:65
Fingerprint (sha256): 4d:6c:7a:5d:2e:5e:8e:b4:61:fa:54:b7:f8:0e:ba:36:34:a7:1b:a8:af:ff:87:06:f3:11:34:47:d6:67:ba:3e

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate abz-ssl-client-dk.lidl.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for abz-ssl-client-dk.lidl.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.abz-ssl-client-dk.lidl.net
abz-ssl-client-dk.lidl.net

Other certificates including the domain name lidl.net

(limited to 100 certificates)
cms-esaint.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net

Certificate

The complete raw certificate details for abz-ssl-client-dk.lidl.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII+TCCBuGgAwIBAgIUSF+jfi9ciBOFIfsBxmFfN76lOUwwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDUxMzA4
NDgyM1oXDTI1MDUxMzA4NDgyM1owdTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkJX
MRMwEQYDVQQHDApOZWNrYXJzdWxtMR8wHQYDVQQKDBZMaWRsIFN0aWZ0dW5nICYg
Q28uIEtHMSMwIQYDVQQDExphYnotc3NsLWNsaWVudC1kay5saWRsLm5ldDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKD4pbZ0cZBClVy2yMLkesS66ZPC
oAALO+8lIwF0EjTdcRaqw3Z7YXRaMNMULVuOX/kFW4HBtl/+UvxWp6aREymmAj+P
x9zsWCyaeS9HMy3+SA7lGrYwr1Zx9vOrZqXJRRfNiX2KKDmVZNDYJw3LQpYEft/i
LhIbdIO3N2ltJFlb10a9E0YoCV/UqpkII1orJArr1Xc6F9xgxqhWt07bl4gR5FMM
WVHYW/6120cChLLj7pAF7ijzJT967J1hdttW9MzzJDrD9wrwUDpwYk4zrdgMfj1W
X5Pps4B7N9nmJb4uqUxLytgy5LUtxTKM7/gmm9elYuL1CsART27Vd2el0YkCAwEA
AaOCBKQwggSgMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDov
L2FpYS5zd2lzc3NpZ24uY2gvYWlyLTBmMmJmOWE1LWRkMzctNDhjOS1hODViLTEy
YWNkY2I4YmU0NTBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNo
L3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBv
BgNVHSAEaDBmMAgGBmeBDAECAjAIBgYEAI96AQcwUAYIYIV0AVkCAQIwRDBCBggr
BgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NT
aWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dp
c3NzaWduLmNoL2NkcC05NmI2MmY1YS02YjczLTRkYTQtODdmNy1jZTQwMDJjMWNk
MzQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIF
oDBFBgNVHREEPjA8gh53d3cuYWJ6LXNzbC1jbGllbnQtZGsubGlkbC5uZXSCGmFi
ei1zc2wtY2xpZW50LWRrLmxpZGwubmV0MB0GA1UdDgQWBBTF3+YPYZYwNU7m4Six
xRFHze4gnjAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTzXGtDbbcjtjCCAm0GCisG
AQQB1nkCBAIEggJdBIICWQJXAHYAKOKBOP2DIUXpqdaqdTdtg3eohRKzwH9yQUgh
3L3pjGYAAAGPcSOHwwAABAMARzBFAiEA2DUfJGFzsWqxHY9XZ1Naj9KM9X/Vv/Hl
kzgkhOX8AdYCICYeN2+PJexx+YhFcGe6PwW8HyPwtx6Co7tAAWZZZ7sKAHUA4JKz
/AwdyOdoNh/eYbmWTQpSeBmKctZyxLBNpW1vVAQAAAGPcSOFugAABAMARjBEAiAO
aEWqFjcf7pw92VCGJxMqtH0rhPKE9+WWX8yQpbv0wgIgTqPFSG9hc8MCdI1a/HPx
1RRNjRcYTVlaA4znXLwrZIwAdQDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3
zsw7CAAAAY9xI4TOAAAEAwBGMEQCIBiGVFpXnZhsIKXFEl/mP70EfnhWHWUEKMzi
oa4iQs21AiAQR6iCYBIv2fMm5UoD6OLf+XOLpuJrkX8ZgD/lWg+IgQB2AMz7D2qF
cQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAABj3EjhOYAAAQDAEcwRQIhAJhi
Uq+X/Cdqme9BfIkoKg7S+eiSBNAaK06M2CNLNgi9AiBO9pfw/XUCUgFkRXFDiPwo
uedAHfsUgfyzcEkSZiF6mwB3AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFi
mjnfAAABj3EjhsIAAAQDAEgwRgIhAPkGIR0Ouh5Dq2VLHK12i/1dbe44yUrxAG3n
1CNLoQzXAiEA3wdMnhTUCFtuIOEtS/w/1FcXrusfsRGBUJIpfxHSts8wDQYJKoZI
hvcNAQELBQADggIBAD1updKWREe2S3NMsWVNcdRVrFTJbUB1n+RHHH5SW8QfotCD
+v3cN2VhNGHcUePDe19HS6dsN9TpTApsLzOWWf20BTVxzBM0leINUdLkN0ZRniXj
/QqFYF+pF8zXPEHK6D67SP555prtNiRuVYqyfbEoLAc1RfZjI1nh8VOXSRwtx7yJ
58vIQ2tfdJ8LGYFsGU/4PeXdCJH1oP4lGhgkASZwOa+FTRZT5YtUYYBlzMDRUL7N
71s+kHydcihFyM3SaGWB9bgXe0GBQTK4Lzcd5GXvbthdK5xEilSOBu97niEL5XjB
QLCHCUTOZIg8rqi2Y8cgwuX0/D9ytW+tUYfU12VFJil5lAK86ZPzE444Rq49UqS0
xrvBtksXSSwTQ/75QNuwSY7hK0MeaamxlcJ+o0Axq+jYi3l1LJlWWLrlyADn3UAt
6kDPcmZNxUHLgL33XSvBud2B35zPTACdXplr8E0Z26aG+Dp/e2iw/WjyHuUyPbDf
Vvjb0pW2ASNT02W2yyge0wgXi+pyfXcDX/uGaIM8/glxkq3MsVhO0m7KfIIjei3y
+fY2HRr/NBuSSp4sXHi7cUTppZ1f6WsbU0ledZkmT8f+KbEWaLotewu1n9imBR9+
VwblyrgSwh9bBEnEcEt+s/Mw+zWNGOnnY5Dm1Q+loHrdrKVgOe5qxk4a3CHX
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPiltnRxkEKVXLbIwuR6
xLrpk8KgAAs77yUjAXQSNN1xFqrDdnthdFow0xQtW45f+QVbgcG2X/5S/FanppET
KaYCP4/H3OxYLJp5L0czLf5IDuUatjCvVnH286tmpclFF82JfYooOZVk0NgnDctC
lgR+3+IuEht0g7c3aW0kWVvXRr0TRigJX9SqmQgjWiskCuvVdzoX3GDGqFa3TtuX
iBHkUwxZUdhb/rXbRwKEsuPukAXuKPMlP3rsnWF221b0zPMkOsP3CvBQOnBiTjOt
2Ax+PVZfk+mzgHs32eYlvi6pTEvK2DLktS3FMozv+Cab16Vi4vUKwBFPbtV3Z6XR
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 413180148534316130968802069289694384090092222796
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-13 08:48:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-13 08:48:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BW'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Neckarsulm'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Lidl Stiftung & Co. KG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'abz-ssl-client-dk.lidl.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20320741355571702374526539182414348320929136963460671882888782991259793416418204039270082539962431399214805113871792131682646056848650474912156017946785429518127560181735751729394219308292667599735911885701381032023060950145116382635257735907119811248202277892840043741783673699859550410603179433543986816630739820580474272479672663704243980456473638011181690801007553913808358489656221765561263806346931566505861394198494111230835971932432978153139442114478716962503219125575106831056144747159641442716355048633249706603874999523138627629484362626681477178617861537090587202373962098701009168190253541681089330139529
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abz-ssl-client-dk.lidl.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abz-ssl-client-dk.lidl.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c5dfe60f619630354ee6e128b1c51147cdee209e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes)
							025700760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018f712387c30000040300473045022100d8351f246173b16ab11d8f5767535a8fd28cf57fd5bff1e593382484e5fc01d60220261e376f8f25ec71f988457067ba3f05bc1f23f0b71e82a3bb4001665967bb0a007500e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018f712385ba000004030046304402200e6845aa16371fee9c3dd9508627132ab47d2b84f284f7e5965fcc90a5bbf4c202204ea3c5486f6173c302748d5afc73f1d5144d8d17184d595a038ce75cbc2b648c007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f712384ce000004030046304402201886545a579d986c20a5c5125fe63fbd047e78561d650428cce2a1ae2242cdb502201047a88260122fd9f326e54a03e8e2dff9738ba6e26b917f19803fe55a0f8881007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f712384e60000040300473045022100986252af97fc276a99ef417c89282a0ed2f9e89204d01a2b4e8cd8234b3608bd02204ef697f0fd750252016445714388fc28b9e7401dfb1481fcb370491266217a9b0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f712386c20000040300483046022100f906211d0eba1e43ab654b1cad768bfd5d6dee38c94af1006de7d4234ba10cd7022100df074c9e14d4085b6e20e12d4bfc3fd45717aeeb1fb111815092297f11d2b6cf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		003d6ea5d2964447b64b734cb1654d71d455ac54c96d40759fe4471c7e525bc41fa2d083fafddc3765613461dc51e3c37b5f474ba76c37d4e94c0a6c2f339659fdb4053571cc133495e20d51d2e43746519e25e3fd0a85605fa917ccd73c41cae83ebb48fe79e69aed36246e558ab27db1282c073545f6632359e1f15397491c2dc7bc89e7cbc8436b5f749f0b19816c194ff83de5dd0891f5a0fe251a182401267039af854d1653e58b54618065ccc0d150becdef5b3e907c9d722845c8cdd2686581f5b8177b41814132b82f371de465ef6ed85d2b9c448a548e06ef7b9e210be578c140b0870944ce64883caea8b663c720c2e5f4fc3f72b56fad5187d4d765452629799402bce993f3138e3846ae3d52a4b4c6bbc1b64b17492c1343fef940dbb0498ee12b431e69a9b195c27ea34031abe8d88b79752c995658bae5c800e7dd402dea40cf72664dc541cb80bdf75d2bc1b9dd81df9ccf4c009d5e996bf04d19dba686f83a7f7b68b0fd68f21ee5323db0df56f8dbd295b6012353d365b6cb281ed308178bea727d77035ffb8668833cfe097192adccb1584ed26eca7c82237a2df2f9f6361d1aff341b924a9e2c5c78bb7144e9a59d5fe96b1b53495e7599264fc7fe29b11668ba2d7b0bb59fd8a6051f7e5706e5cab812c21f5b0449c4704b7eb3f330fb358d18e9e76390e6d50fa5a07addaca56039ee6ac64e1adc21d7