ssl.ukb.ch
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 53:a9:4e:07:db:3a:f9:59:c3:fd:0d:5a:2d:30:78:ce:0a:41:9d:b3 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ssl.ukb.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 53:a9:4e:07:db:3a:f9:59:c3:fd:0d:5a:2d:30:78:ce:0a:41:9d:b3Serial Number (int): 477621857348616743294723026558695800501778357683
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: a7:b5:b8:d0:69:36:dd:b5:5d:28:01:35:8d:2f:5d:1c:69:1c:2d:7c
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): 28:6c:b0:b4:b1:ec:f1:e9:88:84:81:f1:9d:46:4a:8f:c8:bb:14:15
Fingerprint (sha256): 5f:f9:c5:ea:9c:f6:9c:b2:00:c5:d8:43:d0:32:e5:b7:10:cb:60:3f:b1:5f:8e:e6:d6:da:35:1b:51:5e:3d:13
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate ssl.ukb.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ssl.ukb.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ssl.ukb.ch
www.ssl.ukb.ch
www.ssl.ukb.ch
Other certificates including the domain name ukb.ch
(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
ukb00ncs104-e.ukb.ch
ukbhb01mx01-e.urkb.ch
fintest-wwwsec.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
ukb00ncs104-e.ukb.ch
ukbhb01mx01-e.urkb.ch
fintest-wwwsec.ukb.ch
www.ukb.ch
Certificate
The complete raw certificate details for ssl.ukb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIILLTCCCRWgAwIBAgIUU6lOB9s6+VnD/Q1aLTB4zgpBnbMwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMDExNDA4 NTM0N1oXDTIzMDExNDA4NTM0N1owFTETMBEGA1UEAxMKc3NsLnVrYi5jaDCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJ+lmxt2jl8dvwIH2uyLQp8USDUf H+pwpTDmPe7y0S/y/PbTvHpSnM5jPzF9JLMDrsza2IElJ/Dx98GGkzwDrJ/VjBHT MgnVsq+dNz+cYMpWplDzPP9mH2QtCT8eJFXg21tKPfNZW79Kv1PBb0LO0iBVThES 0qNgioLY/cuF1DtRNpGguJTfYZigwTN5m81BXaxbs5DDvmAOO56/w8xl1wtJ+OMa lMv3eluwLQQx8EqbyaXp6Ycq0Hk8nwR9xSSLleg/BViOeHWPcoiMQ1p87XcBmx1h w1Lc29a5d18lmN66S1G/cFGK5QR4/8pg1zSeizpmKPXYdKKJ9fKM/r2sWUfHsj6j 2GVUNwPWIsnVeKKV/BGjIrg9SGTiLoO4kQh9wB/uZWvncKTFmD8gkCDrFAe0wOFL YcIq/rgk9jkTta1TtlQCvlVyD8A12ScqI7RV6CpaZjBW9WLmgi8k09qCG9N8ooz+ /xlMTfmRgZTZHFPSndZOvNWNwt8LFqJkQ0U/IzKIFSpCTlBm0Os4w6qKsQN8ge+9 qqSvUcA7fAWfgClVHi4VBiq5S3COoCL6Cz5WOjITKcgE3Sn8axuJI4QlkQEFEh0d cz7Z5Q7NC1F/PcOeuozBxQilaTvjGd9Q95GXVmL+7poMEzc3RkBQcQSXZCEw5H96 aM6+/5LjUEakyB6DAgMBAAGjggY4MIIGNDAlBgNVHREEHjAcggpzc2wudWtiLmNo gg53d3cuc3NsLnVrYi5jaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSntbjQaTbdtV0oATWNL10caRwtfDAf BgNVHSMEGDAWgBQ8nlJ5A2NvT5yBG9MocAwkWuqlhzCB/wYDVR0fBIH3MIH0MEeg RaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvM0M5RTUyNzkwMzYzNkY0RjlD ODExQkQzMjg3MDBDMjQ1QUVBQTU4NzCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rv cnkuc3dpc3NzaWduLm5ldC9DTj0zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMyODcw MEMyNDVBRUFBNTg3JTJDTz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2 b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2lu dDBvBgNVHSAEaDBmMFAGCGCFdAFZAgEBMEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8v cmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbl9DUFNfVExTLnBkZjAI BgYEAI96AQYwCAYGZ4EMAQIBMIHGBggrBgEFBQcBAQSBuTCBtjBkBggrBgEFBQcw AoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxv YWQvM0M5RTUyNzkwMzYzNkY0RjlDODExQkQzMjg3MDBDMjQ1QUVBQTU4NzBOBggr BgEFBQcwAYZCaHR0cDovL29jc3Auc3dpc3NzaWduLm5ldC8zQzlFNTI3OTAzNjM2 RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3MIIDXgYKKwYBBAHWeQIEAgSCA04E ggNKA0gAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAX5Xyv9a AAAEAwBHMEUCIQDtYO7dq2n+Wc363gYRB/Ik+LKbOT2DrSYe0KRUXl2ZYQIgXsfB xQ9HBDVEUtt5MUa9bY6A3KCmF4RCpBJ754NBN6QAdgBvU3asMfAxGdiZAKRRFf93 FRwR2QLBACkGjbIImjfZEwAAAX5Xyv4kAAAEAwBHMEUCIQCPOgXyA5bXWTR/1Cbs fqrZmdW4TvS5/nc7HPvJ8priQAIge13JqC4chg7n88mFOQFSvgLSj47G+aSoEdlM Nf12p38AdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAX5Xyv4F AAAEAwBIMEYCIQDmSPh5PusngCVJ5o5R6Yg6xKTMIJCRwMRzAczILN0BewIhAO4c MurBk6ub/bZAOJ7r3Z7CVCYbCV5NMCBQM/21OND6AHUArfe++nz/EMiLnT2cHj4Y arRnKV3PsQwkyoWGNOvcgooAAAF+V8sB/wAABAMARjBEAiBw2Wpjsrk/Ov/bIiVd 5Wt1vrZASlo+hAwgVictXxe+YgIgVSMHmCpcxPjzUT2L70jntH59++D+kMZfQQFM Sqwx/t0AdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5Xyv+8 AAAEAwBHMEUCIQDBADrwGB8u3DuVJNBneSJuar5AuaRxhDOMxpwGvN7w1QIgT6TO 8bl+O24IERq+M/RuEQj1O5MpW9Y1sbGI5DooVOgAdgDoPtDaPvUGNTLnVyi8iWvJ A9PL0RFr7Otp4Xd9bQa9bgAAAX5XywA2AAAEAwBHMEUCICbISLRbLp5zrVKInxbT fDLliXHtkXwLHksOMjfU8K1RAiEAvwAbZ6jiw03rPFD5jWobOD8/4Yl/OxbwHvQL qhLXIToAdgDofqdmC8Js9gAu9XJdP+DjMbk5O7kvv1jrO5BJ2vVDWgAAAX5XywEU AAAEAwBHMEUCIEVpwAKK5bA7k90pHx6qgGgQl50flkCl7KnriY0G86jNAiEApt4g p+aeNR8ch2Okg5X4XCkfGkHY2iDIrHUKfWCdXfYwDQYJKoZIhvcNAQELBQADggIB ABfdL6vZdLl1Q2qk3+ysqAOS6ogU9Rzxl4ypbbecCbpiIohFFHsHxI3zxdRSZuVS n1OVoYKDyvO6Ryh1rzjB/2TS4TdPempxhfJ/7uZVH+ZtymOZCRZ9lM2Fd8J9w7EV JyKNHUqsgD5cFTeQQl4M/PX8T3xUfD0CZaXu59+1uDfVB/AnLHJhim1oahh0ku5l G5iFEqFabhTqJZOptLWcZEOo3aOxastFw0v9scbSndxLVTLCKJ8bb57YHRZmGEKs Wm0Z11Rlh+Ioy8WhyC10J9fSfSVnoP4WhTIPWWANxfGsnHIbEWC4j5jXO6UeMwi2 N0jWWlXvjb23nT9v1xzCiosk33lvCXd+gOxZx+yJpaDX/AlBgSTGgkE8Qq772WH+ C9YhFt7FGcwQhJOBZhkWgjm53+5J8E/MAdC8ngrR5eBN8LwWBY7FsyJTSRpnLbSh vSxr3JNl0unWm9h993F4xPWEsN5TezOtpyh/WxEvcgkWHwdGLF1hSqU7czaH0wGY FJqy+Rcljuf9nf+Tz5aQLxZqWaheDPzf+gRDxlDVxpTnRFb0rQYcT7tSLlyg5L+A UZVcm8UtsQFonC/1dg6+lnLFCYINpZRxAnpVSMh9c+WHZHcBUr0FsPySGcU9jvdz k/B/zIHq3vMIBXqRcUfTuvJ5R4TLqLUHQ0dmRQuy0seR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn6WbG3aOXx2/Agfa7ItC nxRINR8f6nClMOY97vLRL/L89tO8elKczmM/MX0kswOuzNrYgSUn8PH3wYaTPAOs n9WMEdMyCdWyr503P5xgylamUPM8/2YfZC0JPx4kVeDbW0o981lbv0q/U8FvQs7S IFVOERLSo2CKgtj9y4XUO1E2kaC4lN9hmKDBM3mbzUFdrFuzkMO+YA47nr/DzGXX C0n44xqUy/d6W7AtBDHwSpvJpenphyrQeTyfBH3FJIuV6D8FWI54dY9yiIxDWnzt dwGbHWHDUtzb1rl3XyWY3rpLUb9wUYrlBHj/ymDXNJ6LOmYo9dh0oon18oz+vaxZ R8eyPqPYZVQ3A9YiydV4opX8EaMiuD1IZOIug7iRCH3AH+5la+dwpMWYPyCQIOsU B7TA4Uthwir+uCT2ORO1rVO2VAK+VXIPwDXZJyojtFXoKlpmMFb1YuaCLyTT2oIb 03yijP7/GUxN+ZGBlNkcU9Kd1k681Y3C3wsWomRDRT8jMogVKkJOUGbQ6zjDqoqx A3yB772qpK9RwDt8BZ+AKVUeLhUGKrlLcI6gIvoLPlY6MhMpyATdKfxrG4kjhCWR AQUSHR1zPtnlDs0LUX89w566jMHFCKVpO+MZ31D3kZdWYv7umgwTNzdGQFBxBJdk ITDkf3pozr7/kuNQRqTIHoMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 477621857348616743294723026558695800501778357683 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-14 08:53:47 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-14 08:53:47 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl.ukb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 651302520400387628696754615613756641319896133117326472558349614938034473282530237948257264893681819361869491013906143158280704630601568115835811274331336119899445819420363721591702329218236510717715335766221162916370897160893933843784515334375152356076463948062619678116252977234149187567191325467875726849733072436753182903078375871323947643084662191628767749231955141799774917623201801368797973315938672799768105827648161420515050765196346991002562990204364827611582869084473405169263288836074669527953554804608238767986634051385559562229311832471684272921409154289245504544642833860692326151552282815269985963709576161212731898576177859069356875014206232650991522730283218076538618782976744786735512086651816780592789196132648180164687657536334065457659633217419970715985692104599376217601747662913492821176070903930778846596062615858375227528018653526030615215498713495978260604004727339088452081491554651585833832691638757828610829253622727692315786028470654387906011740178800274005788183268394457625399718067213745299453258098187258551397495501961280185937183762042584457919166501292408350361020667942417737986201897905451996211800901493811111764083108889241734377971665059519630098867025091294469243158643542844704890011786883 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl.ukb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ssl.ukb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a7b5b8d06936ddb55d2801358d2f5d1c691c2d7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (846 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (842 bytes) 03480076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017e57caff5a0000040300473045022100ed60eeddab69fe59cdfade061107f224f8b29b393d83ad261ed0a4545e5d996102205ec7c1c50f4704354452db793146bd6d8e80dca0a6178442a4127be7834137a40076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017e57cafe2400000403004730450221008f3a05f20396d759347fd426ec7eaad999d5b84ef4b9fe773b1cfbc9f29ae24002207b5dc9a82e1c860ee7f3c985390152be02d28f8ec6f9a4a811d94c35fd76a77f0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017e57cafe050000040300483046022100e648f8793eeb27802549e68e51e9883ac4a4cc209091c0c47301ccc82cdd017b022100ee1c32eac193ab9bfdb640389eebdd9ec254261b095e4d30205033fdb538d0fa007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017e57cb01ff0000040300463044022070d96a63b2b93f3affdb22255de56b75beb6404a5a3e840c2056272d5f17be620220552307982a5cc4f8f3513d8bef48e7b47e7dfbe0fe90c65f41014c4aac31fedd007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017e57caffbc0000040300473045022100c1003af0181f2edc3b9524d06779226e6abe40b9a47184338cc69c06bcdef0d502204fa4cef1b97e3b6e08111abe33f46e1108f53b93295bd635b1b188e43a2854e8007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017e57cb00360000040300473045022026c848b45b2e9e73ad52889f16d37c32e58971ed917c0b1e4b0e3237d4f0ad51022100bf001b67a8e2c34deb3c50f98d6a1b383f3fe1897f3b16f01ef40baa12d7213a007600e87ea7660bc26cf6002ef5725d3fe0e331b9393bb92fbf58eb3b9049daf5435a0000017e57cb0114000004030047304502204569c0028ae5b03b93dd291f1eaa806810979d1f9640a5eca9eb898d06f3a8cd022100a6de20a7e69e351f1c8763a48395f85c291f1a41d8da20c8ac750a7d609d5df6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0017dd2fabd974b975436aa4dfecaca80392ea8814f51cf1978ca96db79c09ba62228845147b07c48df3c5d45266e5529f5395a18283caf3ba472875af38c1ff64d2e1374f7a6a7185f27feee6551fe66dca639909167d94cd8577c27dc3b11527228d1d4aac803e5c153790425e0cfcf5fc4f7c547c3d0265a5eee7dfb5b837d507f0272c72618a6d686a187492ee651b988512a15a6e14ea2593a9b4b59c6443a8dda3b16acb45c34bfdb1c6d29ddc4b5532c2289f1b6f9ed81d16661842ac5a6d19d7546587e228cbc5a1c82d7427d7d27d2567a0fe1685320f59600dc5f1ac9c721b1160b88f98d73ba51e3308b63748d65a55ef8dbdb79d3f6fd71cc28a8b24df796f09777e80ec59c7ec89a5a0d7fc09418124c682413c42aefbd961fe0bd62116dec519cc108493816619168239b9dfee49f04fcc01d0bc9e0ad1e5e04df0bc16058ec5b32253491a672db4a1bd2c6bdc9365d2e9d69bd87df77178c4f584b0de537b33ada7287f5b112f7209161f07462c5d614aa53b733687d30198149ab2f917258ee7fd9dff93cf96902f166a59a85e0cfcdffa0443c650d5c694e74456f4ad061c4fbb522e5ca0e4bf8051955c9bc52db101689c2ff5760ebe9672c509820da59471027a5548c87d73e58764770152bd05b0fc9219c53d8ef77393f07fcc81eadef308057a917147d3baf2794784cba8b507434766450bb2d2c791