testgold.snb.ch
- Swiss National Bank -
Issued by SwissSign RSA TLS OV ICA 2021 - 1
About this certificate
This digital certificate with serial number 20:cd:92:e8:2a:78:34:8f:bb:5a:3c:be:7d:13:ab:36:f8:f7:5f:34 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Swiss National Bank
Organization:
Swiss National Bank
State / Province:
ZH
Locality: Zurich
Country: CH
Locality: Zurich
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 20:cd:92:e8:2a:78:34:8f:bb:5a:3c:be:7d:13:ab:36:f8:f7:5f:34Serial Number (int): 187272154827768522692109419347950388922423926580
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 20:81:41:b6:f6:de:f5:25:53:14:d1:41:84:87:4a:ae:aa:c5:50:1e
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d
Fingerprint (sha1): ed:fe:6a:99:2e:db:bd:e7:89:a8:ea:a0:c5:67:df:fe:f5:85:89:9f
Fingerprint (sha256): 60:7b:74:31:c7:ae:78:eb:fa:5f:91:b4:e6:01:91:4c:7c:4f:58:8e:cf:fc:3f:04:4b:3d:3b:ba:2b:97:d5:3a
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D
Revocation information
OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3DCRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate testgold.snb.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for testgold.snb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
testgold.snb.ch
www.testgold.snb.ch
www.testgold.snb.ch
Other certificates including the domain name snb.ch
(limited to 100 certificates)
remotemail.snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
Certificate
The complete raw certificate details for testgold.snb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJlzCCB3+gAwIBAgIUIM2S6Cp4NI+7Wjy+fROrNvj3XzQwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDMwMjA5 NDExMFoXDTIzMDMwMjA5NDExMFowYzELMAkGA1UEBhMCQ0gxCzAJBgNVBAgTAlpI MQ8wDQYDVQQHEwZadXJpY2gxHDAaBgNVBAoTE1N3aXNzIE5hdGlvbmFsIEJhbmsx GDAWBgNVBAMTD3Rlc3Rnb2xkLnNuYi5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKnzvJMkY/IbyiDeoFPAurF3jnqh0rQ9kChZLC5xcLTlE0n38uqH kTS9f3zi/xx/Hlk4qE9ojmn8VssyEhuDeI4tNmCeE6xvOkakmjq8/ChoxzuiTtea PR5CFjd4IZswbHkf8BBFVJJ9uyzzyq5AJ/yN271yhX+T2XvOYTyrNVUcIBvSg4Rt gV+S5mPJlutuw5PmdkTz+COtjilshCq4cEwVPujgN2UtoBpy6TfIghKcMqT7+wrL LvGd0H4NZAlBD02g16Il6fsjFC3jJBDhsSg4KGhKdFIbtwWWcUAg/42AQUR1+lsi XfpfAwNlRRv1BQXdIXGTXD7sRssvWlnGqT0CAwEAAaOCBVQwggVQMC8GA1UdEQQo MCaCD3Rlc3Rnb2xkLnNuYi5jaIITd3d3LnRlc3Rnb2xkLnNuYi5jaDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW BBQggUG29t71JVMU0UGEh0quqsVQHjAfBgNVHSMEGDAWgBSs0DrCwldVkWkRzHBq WTiKjKycPTCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2ln bi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDCB qKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9DTj1BQ0Qw M0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNEJTJDTz1Td2lzc1Np Z24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RD bGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBvBgNVHSAEaDBmMFAGCGCFdAFZAgEC MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjAIBgYEAI96AQcwCAYGZ4EMAQICMIHGBggr BgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQv Y2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvQUNEMDNBQzJDMjU3NTU5MTY5MTFD QzcwNkE1OTM4OEE4Q0FDOUMzRDBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dp c3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5 QzNEMIICcAYKKwYBBAHWeQIEAgSCAmAEggJcAloAdgBvU3asMfAxGdiZAKRRFf93 FRwR2QLBACkGjbIImjfZEwAAAX9KAUPJAAAEAwBHMEUCIQDq3rtnfmOJU7lXuAZD /sZI2c80MdQPMntw/8ZRvOoDDQIgK2hBj6ubH6DZdy4ohyDRe60o8QuXxsu33w9r lU0zWEsAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAX9KAUUx AAAEAwBHMEUCIQCuDFhjXAYl7cOd1HqqyTGm6g1vqm+W8sf2rt8kn45AIgIgY7+J a388JEiOhgiSMjXX0wZn9Mls59oH0XSAzXBiwkAAdwCt9776fP8QyIudPZwePhhq tGcpXc+xDCTKhYY069yCigAAAX9KAUPtAAAEAwBIMEYCIQCkc/7kTzoaIlnnIm9F 28rAb84QhztOVlCeHRE4UjcExwIhAI0CpM2aZ3G93SJr1e5f8wtPl+RKY/frfc2r GvkVMaEeAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAF/SgFF MQAABAMARzBFAiEAqe6QGDZG6z4kJjohBB/tFwBtDnXcV1RVjgrq9k9qWRgCIDHq uNDyHNE28scbzUrEXPZDo5+Ym4awRt5gyxkm+0UAAHcA6D7Q2j71BjUy51covIlr yQPTy9ERa+zraeF3fW0GvW4AAAF/SgFFuQAABAMASDBGAiEArgX45Rjy+imFCSYK cIm345lPbYn9nDUYv8kgeuDo6Q0CIQDzNo/h6YM8caFYjLXV5x3pmK25/zM0PCMy DZn+wvEhWDANBgkqhkiG9w0BAQsFAAOCAgEAK4mXm7+GSUr+fAtTI1lPIGZIofeJ fz+VeqbDLSs65B5VqYtrmPkScyU9rcps98BoUARkWxx5DusITXog0pDizGrt0jfq O/9IyIrdohmixzqd8ujt5eSwhVAYBOCeU6cMkn/h/ieUjjWUU2DsN0EWCzKsIoxx 0PtiqynPXcEX0+oRuX2Dxg4SxE6FaYF/mBl/y6Z0UBdIwt4LH4s4f2Ai82VsvD9M s8NLflHJn8fZYxAAJ2tBtM943EbpWUSF/GnyStO55b25wSGNG5JMmzG0ykxAIfCZ puPYY9XzzDAgTFpZmm5HLnIZyoldYAn8bbOKbAGix2cABnD9hg3uw8TdTEFclSt3 cuN11VZf+jgBsHkx1wBAksq2u+NwnnTX/JLUgyCzU6D1Mh/tkR4NM88Vu8rYbVr5 Twriq7ZFvsEBzU7qorgNE+2uFxUaTBopwThUtzmw5VrUpfChHx2u/hy4eWxCoMLD LeKLcLdiZHPGqzl1cQ9XOp53pV7e03TNKTsotpjBxXui7/FHegAQPSzX/nnjTaVl Q0kFzabnvv2rswR3LvUx7gC0Zgc0RHf0B3FALoG9BdFidJGrl/UEznc8UNbprGwO ZeDeyCaW43Bwgy7m6dqVRyFlXkJ2CSDpEnzaBR28PivjzhnfO0y9uSHVDWw6hOSm pxvxBF4Lwwx/IsA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfO8kyRj8hvKIN6gU8C6 sXeOeqHStD2QKFksLnFwtOUTSffy6oeRNL1/fOL/HH8eWTioT2iOafxWyzISG4N4 ji02YJ4TrG86RqSaOrz8KGjHO6JO15o9HkIWN3ghmzBseR/wEEVUkn27LPPKrkAn /I3bvXKFf5PZe85hPKs1VRwgG9KDhG2BX5LmY8mW627Dk+Z2RPP4I62OKWyEKrhw TBU+6OA3ZS2gGnLpN8iCEpwypPv7Cssu8Z3Qfg1kCUEPTaDXoiXp+yMULeMkEOGx KDgoaEp0Uhu3BZZxQCD/jYBBRHX6WyJd+l8DA2VFG/UFBd0hcZNcPuxGyy9aWcap PQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 187272154827768522692109419347950388922423926580 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-02 09:41:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-02 09:41:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zurich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Swiss National Bank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'testgold.snb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21454464546270143066867505760809250174407694719670434839386370324155332529669451853009741227084650662232789824096233084694090812875166441637085896482101090522737114921651911801053272805020582851958338498253179850786775569110247477345550505017260274201669818888039622828259355450815767690149690418339503193068212274716210645083348526915894971510086924267165683667803353178908545422106787265943896169310465524118914810485921655134524207120861524225863797467782698833491100041498617116573340456785536194965187763900427469889094193833202482039083829111230840849507054787973337463963241578323931845035992048926709997021501 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testgold.snb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testgold.snb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 208141b6f6def5255314d14184874aaeaac5501e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (608 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (604 bytes) 025a0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017f4a0143c90000040300473045022100eadebb677e638953b957b80643fec648d9cf3431d40f327b70ffc651bcea030d02202b68418fab9b1fa0d9772e288720d17bad28f10b97c6cbb7df0f6b954d33584b0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017f4a0145310000040300473045022100ae0c58635c0625edc39dd47aaac931a6ea0d6faa6f96f2c7f6aedf249f8e4022022063bf896b7f3c24488e8608923235d7d30667f4c96ce7da07d17480cd7062c240007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017f4a0143ed0000040300483046022100a473fee44f3a1a2259e7226f45dbcac06fce10873b4e56509e1d1138523704c70221008d02a4cd9a6771bddd226bd5ee5ff30b4f97e44a63f7eb7dcdab1af91531a11e007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017f4a0145310000040300473045022100a9ee90183646eb3e24263a21041fed17006d0e75dc5754558e0aeaf64f6a5918022031eab8d0f21cd136f2c71bcd4ac45cf643a39f989b86b046de60cb1926fb4500007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017f4a0145b90000040300483046022100ae05f8e518f2fa298509260a7089b7e3994f6d89fd9c3518bfc9207ae0e8e90d022100f3368fe1e9833c71a1588cb5d5e71de998adb9ff33343c23320d99fec2f12158 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 002b89979bbf86494afe7c0b5323594f206648a1f7897f3f957aa6c32d2b3ae41e55a98b6b98f91273253dadca6cf7c0685004645b1c790eeb084d7a20d290e2cc6aedd237ea3bff48c88adda219a2c73a9df2e8ede5e4b085501804e09e53a70c927fe1fe27948e35945360ec3741160b32ac228c71d0fb62ab29cf5dc117d3ea11b97d83c60e12c44e8569817f98197fcba674501748c2de0b1f8b387f6022f3656cbc3f4cb3c34b7e51c99fc7d9631000276b41b4cf78dc46e9594485fc69f24ad3b9e5bdb9c1218d1b924c9b31b4ca4c4021f099a6e3d863d5f3cc30204c5a599a6e472e7219ca895d6009fc6db38a6c01a2c767000670fd860deec3c4dd4c415c952b7772e375d5565ffa3801b07931d7004092cab6bbe3709e74d7fc92d48320b353a0f5321fed911e0d33cf15bbcad86d5af94f0ae2abb645bec101cd4eeaa2b80d13edae17151a4c1a29c13854b739b0e55ad4a5f0a11f1daefe1cb8796c42a0c2c32de28b70b7626473c6ab3975710f573a9e77a55eded374cd293b28b698c1c57ba2eff1477a00103d2cd7fe79e34da565434905cda6e7befdabb304772ef531ee00b46607344477f40771402e81bd05d1627491ab97f504ce773c50d6e9ac6c0e65e0dec82696e37070832ee6e9da954721655e42760920e9127cda051dbc3e2be3ce19df3b4cbdb921d50d6c3a84e4a6a71bf1045e0bc30c7f22c0