oos.ge.ch
- Republique et Canton de Geneve -
Issued by SwissSign Server Gold CA 2014 - G22
About this certificate
This digital certificate with serial number 5d:70:ff:13:81:11:55:ca:31:96:82:17:37:cb:99:86:a9:de:c2:9c was issued on by SwissSign AG.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [ContentCommitment DataEncipherment DigitalSignature KeyEncipherment] (00001111) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Republique et Canton de Geneve
Organization:
Republique et Canton de Geneve
Organization unit: DI - Office cantonal des systèmes d’information et du numérique
Organization unit: DI - Office cantonal des systèmes d’information et du numérique
State / Province:
Geneva
Locality: Geneva
Country: CH
Locality: Geneva
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 5d:70:ff:13:81:11:55:ca:31:96:82:17:37:cb:99:86:a9:de:c2:9cSerial Number (int): 533456045418690496433361172618024318270420468380
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 02:3a:75:98:e1:b1:6a:56:bf:17:a9:d9:2e:10:6b:0c:e8:cf:f3:39
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae
Fingerprint (sha1): 67:45:60:f4:bc:32:2b:23:0a:ec:24:9e:5c:22:42:9f:b4:a8:c1:cf
Fingerprint (sha256): 69:40:c7:bd:66:37:41:b9:11:68:bb:60:af:b3:43:05:00:aa:4e:6c:03:ff:d6:dc:ff:4a:be:cc:14:ef:d4:c8
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
Revocation information
OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AECRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate oos.ge.ch
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for oos.ge.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Content Commitment
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oos.ge.ch
oos01.ad.etat-ge.ch
oos02.ad.etat-ge.ch
oosint.etat-ge.ch
oos01.ad.etat-ge.ch
oos02.ad.etat-ge.ch
oosint.etat-ge.ch
Other certificates including the domain name ge.ch
(limited to 100 certificates)
impuserlabo000-ms.ceti.etat-ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch
gc.ge.ch
contacts.ge.ch
testeaspolb2b.ge.ch
ge.ch
vcscgv2-1.ceti.etat-ge.ch
pol.b2b.ge.ch
cucmuser000-ms.ceti.etat-ge.ch
vcscnhp-1.ceti.etat-ge.ch
justice.ge.ch
test.b2b.ge.ch
testmobilepol.ge.ch
portailadmin.ge.ch
portail.ge.ch
survey.cdc.ge.ch
*.ge.ch
testservices.b2b.ge.ch
vpntest.ge.ch
www.etat.ge.ch
REPUBLIQUE ET CANTON DE GENEVE
epi.ge.ch
testservices.b2b.ge.ch
test.b2b.ge.ch
mobilepol.ge.ch
securebox.epi.ge.ch
imap.gc.ge.ch
appconpol02.ge.ch
ge.ch
pexip.ge.ch
recensement.app.ge.ch
vcsclabo-2.ceti.etat-ge.ch
jabberguest.ge.ch
vcselabo-1.ge.ch
epi.ge.ch
impuser000-ms.ceti.etat-ge.ch
padbleu.ge.ch
idp.ge.ch
dgsiemmensrec.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
padpolice.ge.ch
ssl829352.cloudflaressl.com
testeasadmb2b.ge.ch
ge.ch
pexipedge.ge.ch
vcsenhp-1.ge.ch
pol.b2b.ge.ch
jabberguest.ge.ch
ge.ch
test.b2b.ge.ch
justice-doc-ext.ge.ch
eas.gc.ge.ch
pjdeploy01.ceti.etat-ge.ch
vcselabo-2.ge.ch
webmail.gc.ge.ch
test.b2b.ge.ch
jabbergexpe002.ge.ch
testeasadmb2b.ge.ch
vcscnhp-1.ceti.etat-ge.ch
polmi.b2b.ge.ch
epi.ge.ch
appconsae01.ge.ch
epi.ge.ch
vcselabo-2.ge.ch
www.etat.ge.ch
easpolb2b.ge.ch
padjustice.ge.ch
sni.cloudflaressl.com
www.ge.ch
ssl829350.cloudflaressl.com
securebox.epi.ge.ch
annuaire.ge.ch
epi.ge.ch
*.ge.ch
epi.ge.ch
cucmuserlabo000-ms.ceti.etat-ge.ch
cucmuser000-ms.ceti.etat-ge.ch
survey.cdc.ge.ch
*.ge.ch
portailwifiedu.ge.ch
pocdme.etat.ge.ch
amendes.ge.ch
vcsclabo-2.ceti.etat-ge.ch
videogw.ge.ch
amendes.ge.ch
vpn.ge.ch
test.b2b.ge.ch
portail.ge.ch
vcselabo-1.ge.ch
*.app4.ge.ch
etoile.ge.ch
outlook.ge.ch
amendes-rec.ge.ch
testpolmi.b2b.ge.ch
mdmacore01.ge.ch
ge.ch
ldapedu.ge.ch
testmobilepol.ge.ch
*.epi.ge.ch
participer-rec.ge.ch
*.ge.ch
Certificate
The complete raw certificate details for oos.ge.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHszCCBpugAwIBAgIUXXD/E4ERVcoxloIXN8uZhqnewpwwDQYJKoZIhvcNAQEL BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTkwNzA4 MTI1NDA5WhcNMjEwNzA4MTI1NDA5WjCBujELMAkGA1UEBhMCQ0gxDzANBgNVBAgT BkdlbmV2YTEPMA0GA1UEBxMGR2VuZXZhMScwJQYDVQQKEx5SZXB1YmxpcXVlIGV0 IENhbnRvbiBkZSBHZW5ldmUxTDBKBgNVBAsMQ0RJIC0gT2ZmaWNlIGNhbnRvbmFs IGRlcyBzeXN0w6htZXMgZOKAmWluZm9ybWF0aW9uIGV0IGR1IG51bcOpcmlxdWUx EjAQBgNVBAMTCW9vcy5nZS5jaDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC ggIBAMr62B9khch3FRFCM0a6X+CGa4k4Za/+gxuwpdKshJNSXapvWO8/hEnLQB5f rL6I7MozbFj2SH44EgWjciXD9dIfxtA+7XE6elobLtEG+0Jb2OQm56OmEzYht2/b EZPSw/EzV39TA9m4GAp1csJKLSHNdJXBAzxOdFSFNyR+1wLcQZZioTfxYB2SYkSU Gw3XmqknHz/KaeRJ+QVox54FTPCX4wv6LC9Fkp2BgCQikDi/uwJ2fuIVQJSQRDSx 0HYIEO2O31rDn3AsnrmIebMns4+WqqTaTcXkqc8Izl2U5ERVrbF7Hz/pJkRWydUa 4loQuD6C/oMXUZ3Sf9SqPD6sbm3ednGaOkLlZBwzoFG7cMq3+yngTg52Ffz4QPXd bVPq457ENr3fMLdkhRtOoFJjznH4Pyc5hbLwM8VG357ZY4fGUH4v7Z6WKUQhK52u NgaWmb+RSdJK2m5se3yDiRo5nHIxk/BFNFJ/++qk3TdX3R3uhCYCxISixtoi9mEf wYJfpW6QS1AeVf3NrMotsSRsIPisoa3WXWK/BPEx3BtWKS7pAMl87a6lPrDqBc5J d9gZB09T6KuP8H4vlJb5em3OIIU0/1W6It82jelP92ZCbT+YHo7xqAnAoeJ0CeuC yIRH9ihmVdVOwtJaUR4eJIg2ypQJUtYO5sU/ycLq3oM1lnbTAgMBAAGjggMWMIID EjBRBgNVHREESjBIgglvb3MuZ2UuY2iCE29vczAxLmFkLmV0YXQtZ2UuY2iCE29v czAyLmFkLmV0YXQtZ2UuY2iCEW9vc2ludC5ldGF0LWdlLmNoMA4GA1UdDwEB/wQE AwIE8DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFAI6 dZjhsWpWvxep2S4Qawzoz/M5MB8GA1UdIwQYMBaAFOfx5/0uU60R5YEaV6RzjxJ9 mMiuMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5l dC9FN0YxRTdGRDJFNTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThDOEFFMIGooIGl oIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPUU3RjFFN0ZE MkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUlMkNPPVN3aXNzU2lnbiUy Q0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNz PWNSTERpc3RyaWJ1dGlvblBvaW50MF8GA1UdIARYMFYwVAYJYIV0AVkBAgELMEcw RQYIKwYBBQUHAgEWOWh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dp c3NTaWduLUdvbGQtQ1AtQ1BTLnBkZjCB1QYIKwYBBQUHAQEEgcgwgcUwZAYIKwYB BQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4vYXV0aG9yaXR5L2Rv d25sb2FkL0U3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1N0E0NzM4RjEyN0Q5OEM4QUUw XQYIKwYBBQUHMAGGUWh0dHA6Ly9nb2xkLXNlcnZlci1nMi5vY3NwLnN3aXNzc2ln bi5uZXQvRTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4QzhBRTAT BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3yarkssec6n 59/DnjAw0ClO91hq1SVZKgpZE25/qTOMs5/0t4o8RbheMLcPSwFvYD8aZ7zAXK00 8O/J4tk+heHEqCk4p6a+ZSgyJbr7+hIn3OW87mZghkjhBp1tPaQDYHbdrCZJF3++ HM/S2I/v28xJ2bzXoxLQaGazk3mt9l7VSSQ2yu4So92G56e1xrvmdiRNWRqO5Ob6 4tF2Br1kBNljY2bao6AXY5pPNljOEPnNA6ZYIxXKK8iXUU1nwlekInk8ng4sYdD+ QJvO+OUW6lk6yGgUa8lMeCfuUfk064Y2+b/rY9lQ1l9ybN39GnLnTlsnN6RyBffi cQOIJvTKZg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyvrYH2SFyHcVEUIzRrpf 4IZriThlr/6DG7Cl0qyEk1Jdqm9Y7z+ESctAHl+svojsyjNsWPZIfjgSBaNyJcP1 0h/G0D7tcTp6Whsu0Qb7QlvY5Cbno6YTNiG3b9sRk9LD8TNXf1MD2bgYCnVywkot Ic10lcEDPE50VIU3JH7XAtxBlmKhN/FgHZJiRJQbDdeaqScfP8pp5En5BWjHngVM 8JfjC/osL0WSnYGAJCKQOL+7AnZ+4hVAlJBENLHQdggQ7Y7fWsOfcCyeuYh5syez j5aqpNpNxeSpzwjOXZTkRFWtsXsfP+kmRFbJ1RriWhC4PoL+gxdRndJ/1Ko8Pqxu bd52cZo6QuVkHDOgUbtwyrf7KeBODnYV/PhA9d1tU+rjnsQ2vd8wt2SFG06gUmPO cfg/JzmFsvAzxUbfntljh8ZQfi/tnpYpRCErna42BpaZv5FJ0krabmx7fIOJGjmc cjGT8EU0Un/76qTdN1fdHe6EJgLEhKLG2iL2YR/Bgl+lbpBLUB5V/c2syi2xJGwg +KyhrdZdYr8E8THcG1YpLukAyXztrqU+sOoFzkl32BkHT1Poq4/wfi+Ulvl6bc4g hTT/Vboi3zaN6U/3ZkJtP5gejvGoCcCh4nQJ64LIhEf2KGZV1U7C0lpRHh4kiDbK lAlS1g7mxT/JwuregzWWdtMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 533456045418690496433361172618024318270420468380 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-08 12:54:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-08 12:54:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneva' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Geneva' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Republique et Canton de Geneve' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DI - Office cantonal des systèmes d’information et du numérique' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oos.ge.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 828085582876371704837821034996412002567189919280065678573559421564385404786450956817826264682377464784674027421050249447510597637032922047054381476676457904232910131175883228605098311544334956312293854526079012412375477015189067299025850970106604337590401089580967472523219692246473194438019899415186692635438844974637480053499544088370366441513725584314973088082104030388619516109585746904472475355151979593415687445718072570216335826600098996063137847784581366957734948260052895480050486344841973691396468561662664841349530062311024572277712285005322411214871965297115200573331096768791128401304596432996627680091317444770913814822983037335097693225649043145960612012199664247261177304167193536261858038586019861054873654822858345202728832244890737181346300218780223756171222161390342657951650791345844077177073436142695330043800659285982040575118589907557112153011637826437564796158303237476469091152852005435965170656825410250474692844569727919253428448981455454656052092778698734089573590755546799508464227909863851514346785988273111180921074194513259801474173574637797570889639196331437265908995053736391694051920554514649996961623145878482613246720248968420782529844430024533076100849657184486604365095007019277969820275341011 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oos.ge.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oos01.ad.etat-ge.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oos02.ad.etat-ge.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oosint.etat-ge.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04f0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 023a7598e1b16a56bf17a9d92e106b0ce8cff339 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00677c9aae4b2c79cea7e7dfc39e3030d0294ef7586ad525592a0a59136e7fa9338cb39ff4b78a3c45b85e30b70f4b016f603f1a67bcc05cad34f0efc9e2d93e85e1c4a82938a7a6be65283225bafbfa1227dce5bcee66608648e1069d6d3da4036076ddac2649177fbe1ccfd2d88fefdbcc49d9bcd7a312d06866b39379adf65ed5492436caee12a3dd86e7a7b5c6bbe676244d591a8ee4e6fae2d17606bd6404d9636366daa3a017639a4f3658ce10f9cd03a6582315ca2bc897514d67c257a422793c9e0e2c61d0fe409bcef8e516ea593ac868146bc94c7827ee51f934eb8636f9bfeb63d950d65f726cddfd1a72e74e5b2737a47205f7e271038826f4ca66