abz-ssl-client-dk.lidl.net
- Lidl Stiftung & Co. KG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 48:5f:a3:7e:2f:5c:88:13:85:21:fb:01:c6:61:5f:37:be:a5:39:4c was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Lidl Stiftung & Co. KG
Organization:
Lidl Stiftung & Co. KG
State / Province:
BW
Locality: Neckarsulm
Country: DE
Locality: Neckarsulm
Country: DE
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 48:5f:a3:7e:2f:5c:88:13:85:21:fb:01:c6:61:5f:37:be:a5:39:4cSerial Number (int): 413180148534316130968802069289694384090092222796
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: c5:df:e6:0f:61:96:30:35:4e:e6:e1:28:b1:c5:11:47:cd:ee:20:9e
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 55:26:ab:37:4c:34:3b:bc:38:d1:82:9b:38:dc:6b:c0:2f:34:18:65
Fingerprint (sha256): 4d:6c:7a:5d:2e:5e:8e:b4:61:fa:54:b7:f8:0e:ba:36:34:a7:1b:a8:af:ff:87:06:f3:11:34:47:d6:67:ba:3e
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate abz-ssl-client-dk.lidl.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for abz-ssl-client-dk.lidl.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.abz-ssl-client-dk.lidl.net
abz-ssl-client-dk.lidl.net
abz-ssl-client-dk.lidl.net
Other certificates including the domain name lidl.net
(limited to 100 certificates)
cms-esaint.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net
Certificate
The complete raw certificate details for abz-ssl-client-dk.lidl.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII+TCCBuGgAwIBAgIUSF+jfi9ciBOFIfsBxmFfN76lOUwwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDUxMzA4 NDgyM1oXDTI1MDUxMzA4NDgyM1owdTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkJX MRMwEQYDVQQHDApOZWNrYXJzdWxtMR8wHQYDVQQKDBZMaWRsIFN0aWZ0dW5nICYg Q28uIEtHMSMwIQYDVQQDExphYnotc3NsLWNsaWVudC1kay5saWRsLm5ldDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKD4pbZ0cZBClVy2yMLkesS66ZPC oAALO+8lIwF0EjTdcRaqw3Z7YXRaMNMULVuOX/kFW4HBtl/+UvxWp6aREymmAj+P x9zsWCyaeS9HMy3+SA7lGrYwr1Zx9vOrZqXJRRfNiX2KKDmVZNDYJw3LQpYEft/i LhIbdIO3N2ltJFlb10a9E0YoCV/UqpkII1orJArr1Xc6F9xgxqhWt07bl4gR5FMM WVHYW/6120cChLLj7pAF7ijzJT967J1hdttW9MzzJDrD9wrwUDpwYk4zrdgMfj1W X5Pps4B7N9nmJb4uqUxLytgy5LUtxTKM7/gmm9elYuL1CsART27Vd2el0YkCAwEA AaOCBKQwggSgMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDov L2FpYS5zd2lzc3NpZ24uY2gvYWlyLTBmMmJmOWE1LWRkMzctNDhjOS1hODViLTEy YWNkY2I4YmU0NTBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNo L3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBv BgNVHSAEaDBmMAgGBmeBDAECAjAIBgYEAI96AQcwUAYIYIV0AVkCAQIwRDBCBggr BgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NT aWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dp c3NzaWduLmNoL2NkcC05NmI2MmY1YS02YjczLTRkYTQtODdmNy1jZTQwMDJjMWNk MzQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIF oDBFBgNVHREEPjA8gh53d3cuYWJ6LXNzbC1jbGllbnQtZGsubGlkbC5uZXSCGmFi ei1zc2wtY2xpZW50LWRrLmxpZGwubmV0MB0GA1UdDgQWBBTF3+YPYZYwNU7m4Six xRFHze4gnjAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTzXGtDbbcjtjCCAm0GCisG AQQB1nkCBAIEggJdBIICWQJXAHYAKOKBOP2DIUXpqdaqdTdtg3eohRKzwH9yQUgh 3L3pjGYAAAGPcSOHwwAABAMARzBFAiEA2DUfJGFzsWqxHY9XZ1Naj9KM9X/Vv/Hl kzgkhOX8AdYCICYeN2+PJexx+YhFcGe6PwW8HyPwtx6Co7tAAWZZZ7sKAHUA4JKz /AwdyOdoNh/eYbmWTQpSeBmKctZyxLBNpW1vVAQAAAGPcSOFugAABAMARjBEAiAO aEWqFjcf7pw92VCGJxMqtH0rhPKE9+WWX8yQpbv0wgIgTqPFSG9hc8MCdI1a/HPx 1RRNjRcYTVlaA4znXLwrZIwAdQDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3 zsw7CAAAAY9xI4TOAAAEAwBGMEQCIBiGVFpXnZhsIKXFEl/mP70EfnhWHWUEKMzi oa4iQs21AiAQR6iCYBIv2fMm5UoD6OLf+XOLpuJrkX8ZgD/lWg+IgQB2AMz7D2qF cQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAABj3EjhOYAAAQDAEcwRQIhAJhi Uq+X/Cdqme9BfIkoKg7S+eiSBNAaK06M2CNLNgi9AiBO9pfw/XUCUgFkRXFDiPwo uedAHfsUgfyzcEkSZiF6mwB3AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFi mjnfAAABj3EjhsIAAAQDAEgwRgIhAPkGIR0Ouh5Dq2VLHK12i/1dbe44yUrxAG3n 1CNLoQzXAiEA3wdMnhTUCFtuIOEtS/w/1FcXrusfsRGBUJIpfxHSts8wDQYJKoZI hvcNAQELBQADggIBAD1updKWREe2S3NMsWVNcdRVrFTJbUB1n+RHHH5SW8QfotCD +v3cN2VhNGHcUePDe19HS6dsN9TpTApsLzOWWf20BTVxzBM0leINUdLkN0ZRniXj /QqFYF+pF8zXPEHK6D67SP555prtNiRuVYqyfbEoLAc1RfZjI1nh8VOXSRwtx7yJ 58vIQ2tfdJ8LGYFsGU/4PeXdCJH1oP4lGhgkASZwOa+FTRZT5YtUYYBlzMDRUL7N 71s+kHydcihFyM3SaGWB9bgXe0GBQTK4Lzcd5GXvbthdK5xEilSOBu97niEL5XjB QLCHCUTOZIg8rqi2Y8cgwuX0/D9ytW+tUYfU12VFJil5lAK86ZPzE444Rq49UqS0 xrvBtksXSSwTQ/75QNuwSY7hK0MeaamxlcJ+o0Axq+jYi3l1LJlWWLrlyADn3UAt 6kDPcmZNxUHLgL33XSvBud2B35zPTACdXplr8E0Z26aG+Dp/e2iw/WjyHuUyPbDf Vvjb0pW2ASNT02W2yyge0wgXi+pyfXcDX/uGaIM8/glxkq3MsVhO0m7KfIIjei3y +fY2HRr/NBuSSp4sXHi7cUTppZ1f6WsbU0ledZkmT8f+KbEWaLotewu1n9imBR9+ VwblyrgSwh9bBEnEcEt+s/Mw+zWNGOnnY5Dm1Q+loHrdrKVgOe5qxk4a3CHX -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPiltnRxkEKVXLbIwuR6 xLrpk8KgAAs77yUjAXQSNN1xFqrDdnthdFow0xQtW45f+QVbgcG2X/5S/FanppET KaYCP4/H3OxYLJp5L0czLf5IDuUatjCvVnH286tmpclFF82JfYooOZVk0NgnDctC lgR+3+IuEht0g7c3aW0kWVvXRr0TRigJX9SqmQgjWiskCuvVdzoX3GDGqFa3TtuX iBHkUwxZUdhb/rXbRwKEsuPukAXuKPMlP3rsnWF221b0zPMkOsP3CvBQOnBiTjOt 2Ax+PVZfk+mzgHs32eYlvi6pTEvK2DLktS3FMozv+Cab16Vi4vUKwBFPbtV3Z6XR iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 413180148534316130968802069289694384090092222796 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-13 08:48:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-13 08:48:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BW' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Neckarsulm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Lidl Stiftung & Co. KG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'abz-ssl-client-dk.lidl.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20320741355571702374526539182414348320929136963460671882888782991259793416418204039270082539962431399214805113871792131682646056848650474912156017946785429518127560181735751729394219308292667599735911885701381032023060950145116382635257735907119811248202277892840043741783673699859550410603179433543986816630739820580474272479672663704243980456473638011181690801007553913808358489656221765561263806346931566505861394198494111230835971932432978153139442114478716962503219125575106831056144747159641442716355048633249706603874999523138627629484362626681477178617861537090587202373962098701009168190253541681089330139529 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abz-ssl-client-dk.lidl.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abz-ssl-client-dk.lidl.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c5dfe60f619630354ee6e128b1c51147cdee209e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes) 025700760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018f712387c30000040300473045022100d8351f246173b16ab11d8f5767535a8fd28cf57fd5bff1e593382484e5fc01d60220261e376f8f25ec71f988457067ba3f05bc1f23f0b71e82a3bb4001665967bb0a007500e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018f712385ba000004030046304402200e6845aa16371fee9c3dd9508627132ab47d2b84f284f7e5965fcc90a5bbf4c202204ea3c5486f6173c302748d5afc73f1d5144d8d17184d595a038ce75cbc2b648c007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f712384ce000004030046304402201886545a579d986c20a5c5125fe63fbd047e78561d650428cce2a1ae2242cdb502201047a88260122fd9f326e54a03e8e2dff9738ba6e26b917f19803fe55a0f8881007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f712384e60000040300473045022100986252af97fc276a99ef417c89282a0ed2f9e89204d01a2b4e8cd8234b3608bd02204ef697f0fd750252016445714388fc28b9e7401dfb1481fcb370491266217a9b0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f712386c20000040300483046022100f906211d0eba1e43ab654b1cad768bfd5d6dee38c94af1006de7d4234ba10cd7022100df074c9e14d4085b6e20e12d4bfc3fd45717aeeb1fb111815092297f11d2b6cf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 003d6ea5d2964447b64b734cb1654d71d455ac54c96d40759fe4471c7e525bc41fa2d083fafddc3765613461dc51e3c37b5f474ba76c37d4e94c0a6c2f339659fdb4053571cc133495e20d51d2e43746519e25e3fd0a85605fa917ccd73c41cae83ebb48fe79e69aed36246e558ab27db1282c073545f6632359e1f15397491c2dc7bc89e7cbc8436b5f749f0b19816c194ff83de5dd0891f5a0fe251a182401267039af854d1653e58b54618065ccc0d150becdef5b3e907c9d722845c8cdd2686581f5b8177b41814132b82f371de465ef6ed85d2b9c448a548e06ef7b9e210be578c140b0870944ce64883caea8b663c720c2e5f4fc3f72b56fad5187d4d765452629799402bce993f3138e3846ae3d52a4b4c6bbc1b64b17492c1343fef940dbb0498ee12b431e69a9b195c27ea34031abe8d88b79752c995658bae5c800e7dd402dea40cf72664dc541cb80bdf75d2bc1b9dd81df9ccf4c009d5e996bf04d19dba686f83a7f7b68b0fd68f21ee5323db0df56f8dbd295b6012353d365b6cb281ed308178bea727d77035ffb8668833cfe097192adccb1584ed26eca7c82237a2df2f9f6361d1aff341b924a9e2c5c78bb7144e9a59d5fe96b1b53495e7599264fc7fe29b11668ba2d7b0bb59fd8a6051f7e5706e5cab812c21f5b0449c4704b7eb3f330fb358d18e9e76390e6d50fa5a07addaca56039ee6ac64e1adc21d7