testgold.snb.ch
- Swiss National Bank -
Issued by SwissSign RSA TLS OV ICA 2021 - 1
About this certificate
This digital certificate with serial number 14:41:30:d8:c8:9e:4e:06:eb:63:b9:f6:66:3f:fa:5f:5a:4a:3e:95 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Swiss National Bank
Organization:
Swiss National Bank
State / Province:
ZH
Locality: Zurich
Country: CH
Locality: Zurich
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 14:41:30:d8:c8:9e:4e:06:eb:63:b9:f6:66:3f:fa:5f:5a:4a:3e:95Serial Number (int): 115633619011764825040209121688945600419552968341
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: 9b:3e:2d:be:0d:8b:5a:de:34:27:e7:ff:33:14:ff:a1:26:b1:ee:17
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d
Fingerprint (sha1): 30:c2:45:83:e0:9e:21:b8:a8:2b:16:b4:5a:3f:f2:68:32:40:0e:b1
Fingerprint (sha256): 66:c9:49:22:56:ef:1c:73:dd:c2:ff:71:68:3d:65:07:ce:66:19:56:00:42:29:6e:d6:5c:ef:a4:09:5b:1d:9b
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D
Revocation information
OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3DCRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate testgold.snb.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for testgold.snb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
testgold.snb.ch
www.testgold.snb.ch
www.testgold.snb.ch
Other certificates including the domain name snb.ch
(limited to 100 certificates)
remotemail.snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
bbuem.snb.ch
mailb.snb.ch
ras.snb.ch
ras.snb.ch
ras.snb.ch
surveys.snb.ch
mailz.snb.ch
sip.snb.ch
mailz.snb.ch
rastest.snb.ch
ras.snb.ch
meet.snb.ch
datasharedev.snb.ch
vcse.snb.ch
ras.snb.ch
data.snb.ch
recruiting.snb.ch
rastest.snb.ch
ras.snb.ch
surveys.snb.ch
sip.snb.ch
ras.snb.ch
sip.snb.ch
ras.snb.ch
testgold.snb.ch
remotemail.snb.ch
testgold.snb.ch
ras2.snb.ch
wlanportal1.snb.ch
data.test.snb.ch
sip.snb.ch
testswiss.snb.ch
testgold.snb.ch
surveys-usertest.snb.ch
secmail.snb.ch
surveys.snb.ch
wlanportal1.snb.ch
mailb.snb.ch
snb.ch
surveys.snb.ch
datashare.snb.ch
alert.snb.ch
data.snb.ch
secmail.snb.ch
rastest.snb.ch
secmail.snb.ch
sip3.snb.ch
remotez.snb.ch
snb.ch
testgold.snb.ch
testgold.snb.ch
datasharedev.snb.ch
vcse.snb.ch
bbuem.snb.ch
secmail.snb.ch
ras.snb.ch
ras.snb.ch
sip3.snb.ch
remote.snb.ch
vcse.snb.ch
securemail.snb.ch
ras.snb.ch
surveys.snb.ch
testgold.snb.ch
webstats.snb.ch
securemail.snb.ch
surveys-usertest.snb.ch
snb.ch
careers.snb.ch
ras2.snb.ch
datasharedev.snb.ch
testgold.snb.ch
datasharedev.snb.ch
alert.snb.ch
snb.ch
remotez.snb.ch
data.snb.ch
surveys.snb.ch
datashare.snb.ch
data.snb.ch
testserver.snb.ch
ras-betest1.snb.ch
remoteb.snb.ch
datashare.snb.ch
rastest.snb.ch
rastest.snb.ch
testswiss.snb.ch
securemail.snb.ch
snb.ch
sip.snb.ch
mailb.snb.ch
testgold.snb.ch
bbuem.snb.ch
alert.snb.ch
bbuem.snb.ch
ras.snb.ch
data.test.snb.ch
bbuem.snb.ch
snb.ch
Certificate
The complete raw certificate details for testgold.snb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJlTCCB32gAwIBAgIUFEEw2MieTgbrY7n2Zj/6X1pKPpUwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMDIwOTEz NDAxN1oXDTIzMDIwOTEzNDAxN1owYzELMAkGA1UEBhMCQ0gxCzAJBgNVBAgTAlpI MQ8wDQYDVQQHEwZadXJpY2gxHDAaBgNVBAoTE1N3aXNzIE5hdGlvbmFsIEJhbmsx GDAWBgNVBAMTD3Rlc3Rnb2xkLnNuYi5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAJP2KQNbS6X8k48BmOMgzDXYG6aZaQo5f9ZzlFvba6Td6cDo6nkl lyIFCrlblLPU4WhAwfjwrBBwuNXj+DaWxCLfofk8TX1BDjUGJgJ5NwV0KwqZkqN0 Ql7CUugp9VTvZsCPgLPCz/voJ94r/toQ8h6zWT8/rOI7ZqH3LdoiudGOa3o3cN3E my23wo44KgHZTinnJjqti5W9PgBi/51ONomc02JMlBoQFrMzRXEuCBfQfr8oRy3z meql/BVpJqvqxEltmdi7AmFRC6VmMgXRdXw7J4Zcmtmw56xDOp4W2xF57IXUZ8vd MU890GLMW1blzNiLNRVo9huFHLNX5Np57aMCAwEAAaOCBVIwggVOMC8GA1UdEQQo MCaCD3Rlc3Rnb2xkLnNuYi5jaIITd3d3LnRlc3Rnb2xkLnNuYi5jaDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW BBSbPi2+DYta3jQn5/8zFP+hJrHuFzAfBgNVHSMEGDAWgBSs0DrCwldVkWkRzHBq WTiKjKycPTCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2ln bi5uZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDCB qKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9DTj1BQ0Qw M0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5QzNEJTJDTz1Td2lzc1Np Z24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RD bGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBvBgNVHSAEaDBmMFAGCGCFdAFZAgEC MEQwQgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t L1N3aXNzU2lnbl9DUFNfVExTLnBkZjAIBgYEAI96AQcwCAYGZ4EMAQICMIHGBggr BgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQv Y2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvQUNEMDNBQzJDMjU3NTU5MTY5MTFD QzcwNkE1OTM4OEE4Q0FDOUMzRDBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dp c3NzaWduLm5ldC9BQ0QwM0FDMkMyNTc1NTkxNjkxMUNDNzA2QTU5Mzg4QThDQUM5 QzNEMIICbgYKKwYBBAHWeQIEAgSCAl4EggJaAlgAdgBVgdTCFpA2AUrqC5tXPFPw wOQ4eHAlCBcvo6odBxPTDAAAAX7etqMlAAAEAwBHMEUCIQCXlyHj4/DxeDffNCfV OOsm/J+abLLSOyBJS0yn/G1lGwIgc6Jh3U46qBwGfGECkvEZmWUC/j0fgrJJR5as SwuIVFUAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAX7etqIe AAAEAwBGMEQCIH7kBv0r7g3GOfcfPxvFbn6LapvnGCzPWfkTY3RGt5fUAiBhpxxt hRqrjg6nDUbEzY6KPWfkd6EtJRMRrkSrFDhdMQB3AHoyjFTYty22IOo44FIe6YQW cDIThU070ivBOlejUutSAAABft62od0AAAQDAEgwRgIhAPtcHSqMdKvcRNPqD6Ar 0AUfhRBn3WiEqCAYYEarqSHYAiEA7/xA5sQ/muw11K7AsDm/M2/MwyGnXyhsgd2t Xqbe+usAdwCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX7etqIh AAAEAwBIMEYCIQDoVAnix891DGX8/nSdUbMKMGGx4h+5OgrF/8F06ZshHwIhAM+I va9UWd79y77WKa4x+eNgfZ16w9XaquESuDTI7EqyAHUAs3N3B+GEUPhjhtYFqdwR CUp5LbFnDAuH3PADDnk2pZoAAAF+3rajhQAABAMARjBEAh89JGDk+nCT/cuNA0nv 5kEQOxZlF19rr4+DLHTiC5eJAiEAtCXdDMWk8hjDiSgX8nx0ks3lOpHZha9yEa1S d3eQ+LUwDQYJKoZIhvcNAQELBQADggIBAIeVE6FvIpFk257GXgUKl/Oy9kSb6PtQ nAQcG0GtXD9/CaGNBgzVvgOE87Xy3qG9gwWwOAGP5rIU2WnjsISXZnmnkVt/1dSN LuryV8nzBxSGu6d2Ie7FnkwPBnAhz/pWkXxv9fn/+p09mpc9LFUaIrct3zpDox8w w3a1SCDzIt34sCqyURr4CMtilagr+uB0g4Ky8kASxzUKfgO/Y7olgFXZV26GqIJr eQ0sDSmdR+81KvAfyvznOZbTMDxz1ejOEX77vO3Q8QMC7zGdSwxIn6L9oy2GH5kT 8m6aaehrfI1TNRaHraVHeF76Q4DouYw2jc497oDmX+xcnXxwudJ4lIbMgM92dGVF 6fhLT1eAi9dscYOB4FGgwFm96WO/8lrkrJ3167l/cg4Q7/L1equmWwFoAtshfq8W PheyfKv080rqSYL0V/mU8tT8ZJ0qNBfO1hkWIjT0NjfOMSWS+O5ocQFkspaT17Vl 1L9K8kxioh+RaT1zmkrYxINfiC5iXcu4Qsv5Cxo+CIskSMTH4HQ1xsqmoFMX7oRC VGmWZrjye5Y+mBCzSIvAsWIRPLrstRrVnctN49w+tNYeL72A6CAhzi9WNYtPOfGx hCxQ5q3S61wXaEMNnbC/qnCQYvBVCnj7+YX6KZaX68y9uhEySG/b7rAy1zyEUrG1 3ltrZD6sdFAX -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/YpA1tLpfyTjwGY4yDM NdgbpplpCjl/1nOUW9trpN3pwOjqeSWXIgUKuVuUs9ThaEDB+PCsEHC41eP4NpbE It+h+TxNfUEONQYmAnk3BXQrCpmSo3RCXsJS6Cn1VO9mwI+As8LP++gn3iv+2hDy HrNZPz+s4jtmofct2iK50Y5rejdw3cSbLbfCjjgqAdlOKecmOq2Llb0+AGL/nU42 iZzTYkyUGhAWszNFcS4IF9B+vyhHLfOZ6qX8FWkmq+rESW2Z2LsCYVELpWYyBdF1 fDsnhlya2bDnrEM6nhbbEXnshdRny90xTz3QYsxbVuXM2Is1FWj2G4Ucs1fk2nnt owIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 115633619011764825040209121688945600419552968341 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-09 13:40:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-09 13:40:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Zurich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Swiss National Bank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'testgold.snb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18678416952435828565493198506967589041608709456758759411889945743537310938008301892055380860477798114339257675532095027628403637564616117657810432694252496011417368482924541529774952235874200689824666875062508634788236923775609320889519011856193946294995547626033781285665914870271521057484314232098583897208722533284276441001800626079449396607196135212998808179748509944205216338800447904998120717726667268731965527075507655602814283851028029159214920990543698582310596520602241734713284319801530953967914874965691120427643716453218647490096702147889089817223499517361818337734334225941386494568862774990597005110691 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testgold.snb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testgold.snb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9b3e2dbe0d8b5ade3427e7ff3314ffa126b1ee17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes) 02580076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017edeb6a3250000040300473045022100979721e3e3f0f17837df3427d538eb26fc9f9a6cb2d23b20494b4ca7fc6d651b022073a261dd4e3aa81c067c610292f119996502fe3d1f82b2494796ac4b0b8854550075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017edeb6a21e000004030046304402207ee406fd2bee0dc639f71f3f1bc56e7e8b6a9be7182ccf59f913637446b797d4022061a71c6d851aab8e0ea70d46c4cd8e8a3d67e477a12d251311ae44ab14385d310077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017edeb6a1dd0000040300483046022100fb5c1d2a8c74abdc44d3ea0fa02bd0051f851067dd6884a820186046aba921d8022100effc40e6c43f9aec35d4aec0b039bf336fccc321a75f286c81ddad5ea6defaeb007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017edeb6a2210000040300483046022100e85409e2c7cf750c65fcfe749d51b30a3061b1e21fb93a0ac5ffc174e99b211f022100cf88bdaf5459defdcbbed629ae31f9e3607d9d7ac3d5daaae112b834c8ec4ab2007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017edeb6a3850000040300463044021f3d2460e4fa7093fdcb8d0349efe641103b1665175f6baf8f832c74e20b9789022100b425dd0cc5a4f218c3892817f27c7492cde53a91d985af7211ad52777790f8b5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00879513a16f229164db9ec65e050a97f3b2f6449be8fb509c041c1b41ad5c3f7f09a18d060cd5be0384f3b5f2dea1bd8305b038018fe6b214d969e3b084976679a7915b7fd5d48d2eeaf257c9f3071486bba77621eec59e4c0f067021cffa56917c6ff5f9fffa9d3d9a973d2c551a22b72ddf3a43a31f30c376b54820f322ddf8b02ab2511af808cb6295a82bfae0748382b2f24012c7350a7e03bf63ba258055d9576e86a8826b790d2c0d299d47ef352af01fcafce73996d3303c73d5e8ce117efbbcedd0f10302ef319d4b0c489fa2fda32d861f9913f26e9a69e86b7c8d53351687ada547785efa4380e8b98c368dce3dee80e65fec5c9d7c70b9d2789486cc80cf76746545e9f84b4f57808bd76c718381e051a0c059bde963bff25ae4ac9df5ebb97f720e10eff2f57aaba65b016802db217eaf163e17b27cabf4f34aea4982f457f994f2d4fc649d2a3417ced619162234f43637ce312592f8ee68710164b29693d7b565d4bf4af24c62a21f91693d739a4ad8c4835f882e625dcbb842cbf90b1a3e088b2448c4c7e07435c6caa6a05317ee844254699666b8f27b963e9810b3488bc0b162113cbaecb51ad59dcb4de3dc3eb4d61e2fbd80e82021ce2f56358b4f39f1b1842c50e6add2eb5c1768430d9db0bfaa709062f0550a78fbf985fa299697ebccbdba1132486fdbeeb032d73c8452b1b5de5b6b643eac745017