*.stgag.ch
- thurmed AG -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 35:39:17:19:05:dc:51:5d:b9:c8:0a:f7:49:0c:54:f5:66:3f:47:8b was issued on by SwissSign AG.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
thurmed AG
Organization:
thurmed AG
State / Province:
TG
Locality: Frauenfeld
Country: CH
Locality: Frauenfeld
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 35:39:17:19:05:dc:51:5d:b9:c8:0a:f7:49:0c:54:f5:66:3f:47:8bSerial Number (int): 303849665427405439401254435219717203914374727563
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: d3:ab:9d:e8:21:22:cd:05:40:e2:a0:2b:36:1d:94:e7:fa:9c:f0:4a
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 07:73:aa:49:03:16:76:d6:88:68:8c:98:69:50:73:10:40:1f:d3:ef
Fingerprint (sha256): 5c:0f:2f:fc:47:ce:65:8a:20:79:ec:80:a1:0c:b3:3d:77:12:aa:ba:29:d4:df:89:53:78:cc:37:a0:13:0f:ce
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate *.stgag.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.stgag.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.stgag.ch
Other certificates including the domain name stgag.ch
(limited to 100 certificates)
imito-test.stgag.ch
af.stgag.ch
www.stgag.ch
pol.swiss
pol.swiss
pol.swiss
rekrutierung.stgag.ch
pol.swiss
pol.swiss
stgag.ch
pol.swiss
imito-test.stgag.ch
pol.swiss
pol.swiss
www.stgag.ch
mail.stgag.ch
pol.swiss
www.stgag.ch
stgag.ch
www.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
am.stgag.ch
*.stgag.ch
stgag.ch
stgag.ch
jobportal.stgag.ch
pol.swiss
www.stgag.ch
imito.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
pol.swiss
expe.stgag.ch
*.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
*.stgag.ch
imito.stgag.ch
pol.swiss
imito-test.stgag.ch
imito.stgag.ch
pol.swiss
jobportal.stgag.ch
jobportal.stgag.ch
stg-xapf.stgag.ch
stgag.ch
pol.swiss
jobportal.stgag.ch
expe.stgag.ch
www.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
imito.stgag.ch
*.stgag.ch
imito.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
pol.swiss
imito-test.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
rekrutierung.stgag.ch
imito.stgag.ch
pol.swiss
stgag.ch
jobportal.stgag.ch
af.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
am.stgag.ch
stgag.ch
stg-xapf.stgag.ch
af.stgag.ch
www.stgag.ch
pol.swiss
pol.swiss
pol.swiss
rekrutierung.stgag.ch
pol.swiss
pol.swiss
stgag.ch
pol.swiss
imito-test.stgag.ch
pol.swiss
pol.swiss
www.stgag.ch
mail.stgag.ch
pol.swiss
www.stgag.ch
stgag.ch
www.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
am.stgag.ch
*.stgag.ch
stgag.ch
stgag.ch
jobportal.stgag.ch
pol.swiss
www.stgag.ch
imito.stgag.ch
www.stgag.ch
stg-xapf.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
pol.swiss
expe.stgag.ch
*.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
*.stgag.ch
imito.stgag.ch
pol.swiss
imito-test.stgag.ch
imito.stgag.ch
pol.swiss
jobportal.stgag.ch
jobportal.stgag.ch
stg-xapf.stgag.ch
stgag.ch
pol.swiss
jobportal.stgag.ch
expe.stgag.ch
www.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
imito.stgag.ch
*.stgag.ch
imito.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
pol.swiss
pol.swiss
pol.swiss
imito-test.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
imito-test.stgag.ch
*.stgag.ch
*.stgag.ch
stgag.ch
rekrutierung.stgag.ch
imito.stgag.ch
pol.swiss
stgag.ch
jobportal.stgag.ch
af.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
jobportal.stgag.ch
am.stgag.ch
stgag.ch
stg-xapf.stgag.ch
Certificate
The complete raw certificate details for *.stgag.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBDmgAwIBAgIUNTkXGQXcUV25yAr3SQxU9WY/R4swDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTIyMTIwNTE0 MTgyNFoXDTIzMTIwNTE0MTgyNFowWTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlRH MRMwEQYDVQQHDApGcmF1ZW5mZWxkMRMwEQYDVQQKDAp0aHVybWVkIEFHMRMwEQYD VQQDDAoqLnN0Z2FnLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA usjzi/Zbne1eRYT48CsoeEipp7ikosCE+vM72moC18oSlWVu4BhBUlC5PY6w/m16 z/Rv9jXy0eLkN2t02kWvTghK9HNYBFNaAO5+bqZsLWCsCnBK2mfiud2OoheSXlaJ 6xJ/tEWKrXvmYa3U4E1kn+elBn3toRPTtiKiUF/IrYrBj2S2XCMK9UBTMKqPl4V4 GkQ3fQpVqdC6Zvso9+VDsdjSstY/Y4hAxXAKeZFLRh1e7Q2PZnXBHmLNEwJ5Z3AV /qYuaC+RhckAToWG0Kmxkk5OQ5w8BEFuJBIhNX3sfscnNkMS4bTBLcGPyWINyfkx 4RmiwSwOpC3W+FeJINKFuwIDAQABo4ICGDCCAhQwgbIGCCsGAQUFBwEBBIGlMIGi MEwGCCsGAQUFBzAChkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5 YTUtZGQzNy00OGM5LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRw Oi8vb2NzcC5zd2lzc3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5 LTliMWItZmQyOWFiNzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oB BzBQBghghXQBWQIBAjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnku c3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBG oESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMt NGRhNC04N2Y3LWNlNDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDgYDVR0PAQH/BAQDAgWgMBUGA1UdEQQOMAyCCiouc3RnYWcuY2gwHQYD VR0OBBYEFNOrneghIs0FQOKgKzYdlOf6nPBKMB8GA1UdIwQYMBaAFHxvCm8TD9mM JG8mNPNca0NttyO2MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUA A4ICAQAZgHzUJaJ8bmUDBMpngJI7gXgV2jIYNTO4SdIgzOCUGZmLP/ytfV0qyKA0 xjna+9O5aewddp90lmJzSeB703bpTY++2jekR2Z9nYQIs/1F+oCoslZSPP3vt1XB czujTdH+EnMDKzCn7gefZcuVtwudA1R469LSY1daTuKWASfT5iorXUEtuwpKKUNK emJJFBtb7goRfXA+UwdRIXYCDJ1T8Cq5AYttH6AFW16xAXlsZ99cbfg/ZkOthKy1 /0gHeWxL/zt8H45vB/GoNaK+i7pfwj8z8b9ohDl8nVsDE7fKxupR7TOqZRl7PTtc DehrdB65XtcqSQu21vfaYiBtShv+H22gL56mm20Mn5dewi44QBIGNUVg1dcHyklz An4BlI2C7mQhaUi/7uhzIkGDX7DTEVeyj4Hv3dD6qyVdEp89AJu3dyElJF0NOslJ NhRVTSD1hkAWDw7tD277to3HHkj0fxAe4JmRoqmvLL8TJ/0phTlDlqmWZ9I39hNW a2EGjetIBaygRS78GM5Jum7FJZV13n9uSwXh+zUE5dI4dfvhIjEVGn0KXwlb06W4 UoRc5ROKc22gd5OWyDqwPuM9J7JoOM+305KscaOn3AUipDnR0A+3F9BjIdTLrCFH so+P0qrQWbesA07LlGk15P9AarVePhTizJbr2aBhsCn8h6E0vA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusjzi/Zbne1eRYT48Cso eEipp7ikosCE+vM72moC18oSlWVu4BhBUlC5PY6w/m16z/Rv9jXy0eLkN2t02kWv TghK9HNYBFNaAO5+bqZsLWCsCnBK2mfiud2OoheSXlaJ6xJ/tEWKrXvmYa3U4E1k n+elBn3toRPTtiKiUF/IrYrBj2S2XCMK9UBTMKqPl4V4GkQ3fQpVqdC6Zvso9+VD sdjSstY/Y4hAxXAKeZFLRh1e7Q2PZnXBHmLNEwJ5Z3AV/qYuaC+RhckAToWG0Kmx kk5OQ5w8BEFuJBIhNX3sfscnNkMS4bTBLcGPyWINyfkx4RmiwSwOpC3W+FeJINKF uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303849665427405439401254435219717203914374727563 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-05 14:18:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 14:18:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Frauenfeld' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'thurmed AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.stgag.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23579417529783841403611116119566291559548425153275297886017198378221929808726869304406285105664159687399873607763973689882943419477217136873735669610342632992818435065099801498295186056463085619162316198308459778890374049804546621659361383025394821051675963021520352205300235106715233604394040144476357036319056931770981371870343106157313474085817479241803026165345502337255439422823753133888621064340712082859880388028678362179226116581451844279083866511985874475022252524145026777230006727522140766982163377488212152885892097066167817723685359619494204454759780382874650955391183334738292111013879837615479120364987 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stgag.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d3ab9de82122cd0540e2a02b361d94e7fa9cf04a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0019807cd425a27c6e650304ca6780923b817815da32183533b849d220cce09419998b3ffcad7d5d2ac8a034c639dafbd3b969ec1d769f7496627349e07bd376e94d8fbeda37a447667d9d8408b3fd45fa80a8b256523cfdefb755c1733ba34dd1fe1273032b30a7ee079f65cb95b70b9d035478ebd2d263575a4ee2960127d3e62a2b5d412dbb0a4a29434a7a6249141b5bee0a117d703e5307512176020c9d53f02ab9018b6d1fa0055b5eb101796c67df5c6df83f6643ad84acb5ff4807796c4bff3b7c1f8e6f07f1a835a2be8bba5fc23f33f1bf6884397c9d5b0313b7cac6ea51ed33aa65197b3d3b5c0de86b741eb95ed72a490bb6d6f7da62206d4a1bfe1f6da02f9ea69b6d0c9f975ec22e38401206354560d5d707ca4973027e01948d82ee64216948bfeee8732241835fb0d31157b28f81efddd0faab255d129f3d009bb7772125245d0d3ac9493614554d20f58640160f0eed0f6efbb68dc71e48f47f101ee09991a2a9af2cbf1327fd2985394396a99667d237f613566b61068deb4805aca0452efc18ce49ba6ec5259575de7f6e4b05e1fb3504e5d23875fbe12231151a7d0a5f095bd3a5b852845ce5138a736da0779396c83ab03ee33d27b26838cfb7d392ac71a3a7dc0522a439d1d00fb717d06321d4cbac2147b28f8fd2aad059b7ac034ecb946935e4ff406ab55e3e14e2cc96ebd9a061b029fc87a134bc