qgb-ssl-client-gb.lidl.net
- Lidl Stiftung & Co. KG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 72:ba:84:56:9b:c3:f4:36:e1:79:22:9e:0b:c6:7c:1a:c6:5f:bb:91 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Lidl Stiftung & Co. KG
Organization:
Lidl Stiftung & Co. KG
State / Province:
BW
Locality: Neckarsulm
Country: DE
Locality: Neckarsulm
Country: DE
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 72:ba:84:56:9b:c3:f4:36:e1:79:22:9e:0b:c6:7c:1a:c6:5f:bb:91Serial Number (int): 654984414773918739710290147048014659023957638033
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: dd:18:80:7d:7f:2f:ce:0c:ef:a3:54:3f:ff:d9:e1:61:c8:bb:6b:70
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 1a:9a:87:10:b7:e2:24:4d:a1:b5:3f:40:d8:91:95:75:6c:30:04:fd
Fingerprint (sha256): 59:e3:75:21:12:9e:70:d7:40:c6:64:a8:e7:1f:6e:2d:c1:6b:df:00:ce:0e:94:8d:83:93:61:39:7d:a1:f3:c8
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate qgb-ssl-client-gb.lidl.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for qgb-ssl-client-gb.lidl.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
qgb-ssl-client-gb.lidl.net
Other certificates including the domain name lidl.net
(limited to 100 certificates)
cms-esaint.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
lsap29.asp.lidl.net
se1-ucexe-p001.lidl.net
abz-ssl-client-si.lidl.net
exp2.ucie.lidl.net
se1-ucexe-p001.lidl.net
qie-ssl-client-ie.lidl.net
hk-ucexe-p002.lidl.com.hk
lhr.hr.lidl.net
fizz.lidl.net
qdk-ssl-client-dk.lidl.net
l-tas154.asp.lidl.net
se1-ucexe-p001.lidl.net
ps4-ssl-client-eric.lidl.net
fizz.lidl.net
*.retail.lidl.net
qeu-ssl-client-eric.lidl.net
l-as525.asp.lidl.net
wirelessportal.lidl.com
hk-ucexe-p002.lidl.com.hk
se1-ucexe-p001.lidl.net
hgb-ssl-client-gb.lidl.net
heu-ssl-client-eric.lidl.net
exp2.ucie.lidl.net
fizz.lidl.net
se1-ucexe-p002.lidl.net
fizz.lidl.net
l-tas408.asp.lidl.net
fizz.lidl.net
*.sdl-career.lidl.net
heu-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
pf3-ssl-client-eric.lidl.net
exp1.ucie.lidl.net
se1-ucexe-p001.lidl.net
qps-ssl-client.lidl.net
se1-ucexe-p001.lidl.net
hsi-ssl-client-si.lidl.net
*.vdc.lidl.net
se1-ucexe-p001.lidl.net
out-uc17.lidl.net
abz-ssl-client-gb.lidl.net
abz-ssl-client-cssz.lidl.net
hcz-ssl-client-cssz.lidl.net
exp1.ucie.lidl.net
ebz-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
qsi-ssl-client-si.lidl.net
wirelessportal.lidl.com
out-uc17.lidl.net
*.vdc.lidl.net
jss.lidl.net
fmmobile-qs.lidl.net
wirelessportal.lidl.com
pf3-ssl-client-eric.lidl.net
qie-ssl-client-ie.lidl.net
qps-ssl-client.lidl.net
out-uc18.lidl.net
ebz-ssl-client-eric.lidl.net
qeu-ssl-client-eric.lidl.net
heu-ssl-client-eric.lidl.net
ebz-ssl-client-eric.lidl.net
se1-ucexe-p001.lidl.net
wirelessportal.lidl.com
hps-ssl-client.lidl.net
abz-ssl-client-dk.lidl.net
qsi-ssl-client-si.lidl.net
hdk-ssl-client-dk.lidl.net
se1-ucexe-p001.lidl.net
out-uc18.lidl.net
qs4-ssl-client-eric.lidl.net
out-uc18.lidl.net
out-uc18.lidl.net
se1-ucexe-p001.lidl.net
fizz.lidl.net
abz-ssl-client-dk.lidl.net
ebz-ssl-client-dk.lidl.net
hdk-ssl-client-dk.lidl.net
qf3-ssl-client-eric.lidl.net
se1-ucexe-p002.lidl.net
hgb-ssl-client-gb.lidl.net
abz-ssl-client-eric.lidl.net
abz-ssl-client-si.lidl.net
se1-ucexe-p001.lidl.net
es4-ssl-client-eric.lidl.net
qgb-ssl-client-gb.lidl.net
exp2.ucie.lidl.net
*.vdc.lidl.net
jss.lidl.net
abz-ssl-client-eric.lidl.net
ssl-client-eee.lidl.net
se1-ucexe-p002.lidl.net
ebz-ssl-client-si.lidl.net
*.esaint.lidl.net
ssl-client-eee.lidl.net
qde-ssl-client-eric.lidl.net
hk-ucexe-p002.lidl.com.hk
heu-ssl-client-eric.lidl.net
Certificate
The complete raw certificate details for qgb-ssl-client-gb.lidl.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII2jCCBsKgAwIBAgIUcrqEVpvD9DbheSKeC8Z8GsZfu5EwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTIzMTAwMjE0 NTMxMVoXDTI0MTAwMjE0NTMxMVowdTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkJX MRMwEQYDVQQHDApOZWNrYXJzdWxtMR8wHQYDVQQKDBZMaWRsIFN0aWZ0dW5nICYg Q28uIEtHMSMwIQYDVQQDExpxZ2Itc3NsLWNsaWVudC1nYi5saWRsLm5ldDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKadJzG4qn2YsKSqyIWJNo1Mj+UP kIqGgswr1Itj+QWfP8/Cm9xHp2wn/hwiJg31azT6NfbV6OdhrEqJp1wvScZqDahx 11xxC9dV/Nk/XYoAdhkWJ1U8HmQP8VCPAOgCkfT8qsj814JpSsoGKmJycnk+2x6a lzfKrmC4Gr9tCkoCz2ANqGn4A384ghpMrlO/exDQprMtR93hseFrZxzZAbXNTb2B Q9CvJaQGALyE5mt590FTTkyGjvKHe52lEURGiuhu7jFD8SCSYp9dpgxYhvrASzRm a1jOrMVznAvUBOMXBVumrOTO8uZXgGKEGkroFBp5HHLWS+D9SKu2prsokCsCAwEA AaOCBIUwggSBMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDov L2FpYS5zd2lzc3NpZ24uY2gvYWlyLTBmMmJmOWE1LWRkMzctNDhjOS1hODViLTEy YWNkY2I4YmU0NTBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNo L3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBv BgNVHSAEaDBmMAgGBmeBDAECAjAIBgYEAI96AQcwUAYIYIV0AVkCAQIwRDBCBggr BgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NT aWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dp c3NzaWduLmNoL2NkcC05NmI2MmY1YS02YjczLTRkYTQtODdmNy1jZTQwMDJjMWNk MzQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIF oDAlBgNVHREEHjAcghpxZ2Itc3NsLWNsaWVudC1nYi5saWRsLm5ldDAdBgNVHQ4E FgQU3RiAfX8vzgzvo1Q//9nhYci7a3AwHwYDVR0jBBgwFoAUfG8KbxMP2YwkbyY0 81xrQ223I7YwggJuBgorBgEEAdZ5AgQCBIICXgSCAloCWAB3AFWB1MIWkDYBSuoL m1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABivDhAJIAAAQDAEgwRgIhANX4Rcfzuqjz ws91+y1CLJ1VeW1V5f2651raxCLe3psqAiEAhnk+pUw0fSVNFpAZxuaGjrxGssE9 P1TEQ7jsroJp/aAAdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAA AYrw4QH6AAAEAwBHMEUCIQCBiUow5FEv7wiY4YSMXyQo6pluuqZ2Vbnaq7Dxn7ZF uQIgE02aSglEHOOSdDGP8W+wtZDlSyWfeyNmgVQGY0/AgQoAdQB2/4g/Crb7lVHC Ycz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYrw4QLZAAAEAwBGMEQCIHgrA4YCktnU sGPPF+t6hNM+nEnyUAWsOKPMiWi85ldFAiBIG8i5CuAAQhs+VhAi7VxEQO9ElijL IuEBi2RSvRAXoAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB ivDhBasAAAQDAEcwRQIhAJEdpPUsXe/5yGB8vi8yakYJDGidlmXxkxs2jHgZki3v AiBZJT5LAJyOcyf+NMZF9P0W+DM964Ro93vGI1gT8iM0GwB2AIdPtQ3AKdmTHeVz 6fKJno5FM7OS04sKRiV0vw/usvweAAABivDhCXYAAAQDAEcwRQIgGbXZBwPrgwGg wwT3HQIuA1hYUpKMFi+lyPttAgxdLlECIQDyWvs+XkkWvUBO7O3B8Mwv6+6xxXES 1egYx4kt79GX1TANBgkqhkiG9w0BAQsFAAOCAgEAv0E7f4M6P4GlCED1uDXifrJF n7lNjKub7YiQ0MH6Asx7/qXhUuCk5U4734V24+Y01MIy5E+Kp3vRsaE/OO+nGcgc IPx1iMZvQHHeI93uRCcTxMk3mt0x1f2LL0rjlVGVBLCc/SE7RA1hgr/11Q5xb9mO VmEKomJdp4KTAFtxIid9SQVY54ViTwy/ZdlQ00ks20jgI3lIMcWs/BXiLqiHFnne S2dqjzAsxF+gUFsSLuLewPIQxxzU9C6oRjEN+YTXpU8fXILNVxWC9JYsVIgPENDa DPZO1tKBOeIU05+3NXNHasTw7+RE3OyS/EWfP5sy6V7tDqBwcOrd6wfaIgpIGn0t yVcsbTUxnpsPCoCWEfZoOE34Qoh/M8Jm0ZuSqFGrmG+rDvV2FR7IKCCb+6BGtuZt tcFEndzDfZgd3Un4pnNTw80d8r6rWXDwntuE2ac/8eAU7HXD9noJ6KeNm+jYJvY2 rPvED6iwVfykAwKbfnsz4w274Sokoiiqsz93/Lsa/mOai0AaHb8EsR3aX37Z/C8W NzlOjoJzGCuCgpbtuB/J5yw/aXrz7loXiQWLYDLC6jnxbQOs5D+0WJp/tWuZmR7s hegt/13wpSO9vkquovviTb/h7yTkJdsBoAj6KQB9xKZh/ppYWrbQlGLevkuoJVM4 5ib+tdvsorEvEm2Wz/U= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp0nMbiqfZiwpKrIhYk2 jUyP5Q+QioaCzCvUi2P5BZ8/z8Kb3EenbCf+HCImDfVrNPo19tXo52GsSomnXC9J xmoNqHHXXHEL11X82T9digB2GRYnVTweZA/xUI8A6AKR9PyqyPzXgmlKygYqYnJy eT7bHpqXN8quYLgav20KSgLPYA2oafgDfziCGkyuU797ENCmsy1H3eGx4WtnHNkB tc1NvYFD0K8lpAYAvITma3n3QVNOTIaO8od7naURREaK6G7uMUPxIJJin12mDFiG +sBLNGZrWM6sxXOcC9QE4xcFW6as5M7y5leAYoQaSugUGnkcctZL4P1Iq7amuyiQ KwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 654984414773918739710290147048014659023957638033 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-02 14:53:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-02 14:53:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BW' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Neckarsulm' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Lidl Stiftung & Co. KG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'qgb-ssl-client-gb.lidl.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21033053707459019517076085927084942071442048121101021233456765574937318394123296592505568747260743226206502887923737541006963384762811584547841453978331824191042372798503071386423336734972777145829992165389435037369418974844923165953900960030199831244364153701298646646861258046805383701300691754440918416152417252697988953046247195932443336344595224925893160269347573323355319193911185928136410160055583118631219192639190351423167280495165948613476062363339951605389809830156610866511368648064198371024699781338049938899584171442933077590396582638468274193831234364848983979704964582407075486322599194125412214542379 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qgb-ssl-client-gb.lidl.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dd18807d7f2fce0cefa3543fffd9e161c8bb6b70 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes) 02580077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018af0e100920000040300483046022100d5f845c7f3baa8f3c2cf75fb2d422c9d55796d55e5fdbae75adac422dede9b2a02210086793ea54c347d254d169019c6e6868ebc46b2c13d3f54c443b8ecae8269fda0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018af0e101fa000004030047304502210081894a30e4512fef0898e1848c5f2428ea996ebaa67655b9daabb0f19fb645b90220134d9a4a09441ce39274318ff16fb0b590e54b259f7b2366815406634fc0810a00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018af0e102d900000403004630440220782b03860292d9d4b063cf17eb7a84d33e9c49f25005ac38a3cc8968bce657450220481bc8b90ae000421b3e561022ed5c4440ef449628cb22e1018b6452bd1017a0007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018af0e105ab0000040300473045022100911da4f52c5deff9c8607cbe2f326a46090c689d9665f1931b368c7819922def022059253e4b009c8e7327fe34c645f4fd16f8333deb8468f77bc6235813f223341b007600874fb50dc029d9931de573e9f2899e8e4533b392d38b0a462574bf0feeb2fc1e0000018af0e109760000040300473045022019b5d90703eb8301a0c304f71d022e03585852928c162fa5c8fb6d020c5d2e51022100f25afb3e5e4916bd404eecedc1f0cc2febeeb1c57112d5e818c7892defd197d5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00bf413b7f833a3f81a50840f5b835e27eb2459fb94d8cab9bed8890d0c1fa02cc7bfea5e152e0a4e54e3bdf8576e3e634d4c232e44f8aa77bd1b1a13f38efa719c81c20fc7588c66f4071de23ddee442713c4c9379add31d5fd8b2f4ae395519504b09cfd213b440d6182bff5d50e716fd98e56610aa2625da78293005b7122277d490558e785624f0cbf65d950d3492cdb48e023794831c5acfc15e22ea8871679de4b676a8f302cc45fa0505b122ee2dec0f210c71cd4f42ea846310df984d7a54f1f5c82cd571582f4962c54880f10d0da0cf64ed6d28139e214d39fb73573476ac4f0efe444dcec92fc459f3f9b32e95eed0ea07070eaddeb07da220a481a7d2dc9572c6d35319e9b0f0a809611f668384df842887f33c266d19b92a851ab986fab0ef576151ec828209bfba046b6e66db5c1449ddcc37d981ddd49f8a67353c3cd1df2beab5970f09edb84d9a73ff1e014ec75c3f67a09e8a78d9be8d826f636acfbc40fa8b055fca403029b7e7b33e30dbbe12a24a228aab33f77fcbb1afe639a8b401a1dbf04b11dda5f7ed9fc2f1637394e8e8273182b828296edb81fc9e72c3f697af3ee5a1789058b6032c2ea39f16d03ace43fb4589a7fb56b99991eec85e82dff5df0a523bdbe4aaea2fbe24dbfe1ef24e425db01a008fa29007dc4a661fe9a585ab6d09462debe4ba8255338e626feb5dbeca2b12f126d96cff5