*.netcetera-payment.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 68:10:bf:43:6d:68:77:f4:ac:7f:50:8e:5d:af:b3:9c:fb:56:23:f0 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.netcetera-payment.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 68:10:bf:43:6d:68:77:f4:ac:7f:50:8e:5d:af:b3:9c:fb:56:23:f0Serial Number (int): 594108513479815633806141367927286505540167279600
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 2a:dc:9d:fe:85:10:c7:9b:70:2c:3d:96:97:44:e5:7f:ee:d3:0f:d4
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): 21:67:ce:a7:3f:24:fd:c1:39:e6:28:da:73:f1:5a:0a:00:cd:4e:98
Fingerprint (sha256): 70:d5:f2:b7:8e:3b:43:ef:b8:d4:0a:f3:d3:a9:f3:66:be:26:e1:96:e3:46:9f:8f:4b:38:48:55:d9:d2:f9:1f
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate *.netcetera-payment.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.netcetera-payment.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.netcetera-payment.ch
netcetera-payment.ch
netcetera-payment.ch
Other certificates including the domain name netcetera-payment.ch
(limited to 100 certificates)
tpet-mc-callin.netcetera-payment.ch
*.test.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
ps4visa-ds.netcetera-payment.ch
*.netcetera-payment.ch
riskadm.netcetera-payment.ch
*.test.netcetera-payment.ch
*.netcetera-payment.ch
*.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
ps4visa-ds.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
*.test.netcetera-payment.ch
riskadm.netcetera-payment.ch
tpet-mc-callin.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.netcetera-payment.ch
riskadm.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
*.netcetera-payment.ch
*.test.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
ps4visa-ds.netcetera-payment.ch
*.netcetera-payment.ch
riskadm.netcetera-payment.ch
*.test.netcetera-payment.ch
*.netcetera-payment.ch
*.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
ps4visa-ds.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
*.test.netcetera-payment.ch
riskadm.netcetera-payment.ch
tpet-mc-callin.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.netcetera-payment.ch
riskadm.netcetera-payment.ch
*.prev.netcetera-payment.ch
*.test.netcetera-payment.ch
*.netcetera-payment.ch
Certificate
The complete raw certificate details for *.netcetera-payment.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIImDCCBoCgAwIBAgIUaBC/Q21od/Ssf1COXa+znPtWI/AwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTIzMDgxNDEy MzcyM1oXDTI0MDgxNDEyMzcyM1owITEfMB0GA1UEAwwWKi5uZXRjZXRlcmEtcGF5 bWVudC5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALs3XAyB4wtB 0c7aGDm+Fg4VmL8bOuvgz7Bik6TMSEojf6qwrE10TGk2yF59oB804g71FKh8Ruzo w+z2z+9oOP+PC0B0NRJbgYbgpkU7Tug4F17QhIP90WxaQAQcj8zxolwNPz3FTPhx szQAkVmZnaa8i7mrN43QjoMyXGkElERrk8E3a7aoJ5M/73Yqh1UGP+13QpV8EqxT 78gXBqJjsFTm/V7KOBgtBNr3S1lzeLMcyesqFrYgZoqGUcdQjL5AFrIcwpoqmlcs W2+EpBf3YgX/CiZ8xV7e9dsJiyhsvCM/0KMxV0eo9Sql//oLA3RJzTVuoCZM5fFP em3fzzgtHf0CAwEAAaOCBJcwggSTMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEF BQcwAoZAaHR0cDovL2FpYS5zd2lzc3NpZ24uY2gvYWlyLTFiODYzMzg1LWY0YTkt NDdmYS04OGE1LTJhNWFiZmQ0YTE2NzBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Au c3dpc3NzaWduLmNoL3NpZ24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZk MjlhYjczZWZlYzBvBgNVHSAEaDBmMAgGBmeBDAECATAIBgYEAI96AQYwUAYIYIV0 AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2ln bi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0 dHA6Ly9jcmwuc3dpc3NzaWduLmNoL2NkcC02Nzk3MjNiMi04NjQxLTQ2NDItODUw MC1mNmQyZmYzN2U2YmEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4G A1UdDwEB/wQEAwIFoDA3BgNVHREEMDAughYqLm5ldGNldGVyYS1wYXltZW50LmNo ghRuZXRjZXRlcmEtcGF5bWVudC5jaDAdBgNVHQ4EFgQUKtyd/oUQx5twLD2Wl0Tl f+7TD9QwHwYDVR0jBBgwFoAU671/SZOMye7sorr3HNJn8IOx6t4wggJuBgorBgEE AdZ5AgQCBIICXgSCAloCWAB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0H E9MMAAABifQNDe4AAAQDAEgwRgIhANK1gjAOb2SqMhNTO2o+AN5VcJ7bBHi9fElO +VyUyFq5AiEAlr4sULL+eVkuGlk2HoU8cktWGrA6lnTba2a1gu73prQAdQDatr9r P7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYn0DRDlAAAEAwBGMEQCIGty vmfs0qSJGjz+DhZd9sdRGGgV+fbBIOeN3LEN6VjLAiAfYrotGMxSUsnOOKTomF2E yGqLXiP+f5QEA72cOi9IMwB3AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM Wjp0AAABifQNEdIAAAQDAEgwRgIhAKrH68QFQCfe66Cfgk0rBrbboduPQjpuv+bY EajH7Ix0AiEApXl+sV4bVU6HLNzkQvjGSSDYqE1OGGZDdc9JwSRamH8AdQDuzdBk 1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYn0DRMZAAAEAwBGMEQCICUA wueEn/I3UCcZ4upJcDkCya1g6nqtizr9Gl4CAinMAiBJCHyMN0JW9dzUSeDaPtZN lmmnhb/tH7b1UciwIVNCDgB2AIdPtQ3AKdmTHeVz6fKJno5FM7OS04sKRiV0vw/u svweAAABifQNGqUAAAQDAEcwRQIhAL8xqJw0EWbbQrGloK24Lod5LHFCky9ydPcZ RrJG3tKZAiASJg4IzKokwV9Zw/SfS58sf7+MEQxcARDbxOKhReq7sTANBgkqhkiG 9w0BAQsFAAOCAgEAY7UoXvnum+by3PsI6ieHlJV2U1C86DDjsuH7RGjRfW56uQaO A7vRpGv1XoHsPYrfCBt1OOraRACE6/cvpdfgrU3FUwt8WzNipIyJl8005f+VBAOD J+NGdXyHWVJPbR5g0gIRQN64QgQovi7hcbN2ajwAe3zi9zeqEnQMrqg/7qojc8LB yMUNWufKH5SfeoyYmq5NrDabd4mvyUOInPwCofV8QgmW969lo8uUe71TQqFN7FwR ROyFbwzoGKCYFzgh3z4bWT0wd5jjV6AHix8kunKAi+gvcB3m6JctRGg5g6xlpVau 7ruOTBhyOlVo7EmIXm8XJaEJtAi0JrsKY7qcB8wc7IPPUywJULDtbe++PLY4+yFv e8gUTcDEa4mUjM1/EcpSPyUPqsIydcwOxoTdpSWScNljdHwRCY5ixgnnDy49UbUT CtcrQ4uUjsXYrhMmy0eEbQvqC2QKgkeji6YdoErHVRCp3N8l7JuUqkOKM89ls/8M BRPx7RysWomwpTfTmHRwjr2tvwKz4iFLRJzTpgc/dFf9CzcfiCzQolL4RoLZ1Vbt ttv+9poFe/Zkrmdy9ohhqggPrGn3jbLksltNJ+eC7poIAaZ3tVfdKovltuNExBX6 IPmoiFKGojx8mrKMoLAOaVhgvxhpeCQ70xwNdOk+WMx6/sVO6+aRJn8H7VA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzdcDIHjC0HRztoYOb4W DhWYvxs66+DPsGKTpMxISiN/qrCsTXRMaTbIXn2gHzTiDvUUqHxG7OjD7PbP72g4 /48LQHQ1EluBhuCmRTtO6DgXXtCEg/3RbFpABByPzPGiXA0/PcVM+HGzNACRWZmd pryLuas3jdCOgzJcaQSURGuTwTdrtqgnkz/vdiqHVQY/7XdClXwSrFPvyBcGomOw VOb9Xso4GC0E2vdLWXN4sxzJ6yoWtiBmioZRx1CMvkAWshzCmiqaVyxbb4SkF/di Bf8KJnzFXt712wmLKGy8Iz/QozFXR6j1KqX/+gsDdEnNNW6gJkzl8U96bd/POC0d /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 594108513479815633806141367927286505540167279600 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-14 12:37:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-14 12:37:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.netcetera-payment.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23633861848013212125850660626406764137013436220365871484861775153607925024400663165825994998733355222499433340098627699919312150170925421304950303445476057576885044872740032382415460125123618887433559770455264864285494734240740712233973602547640676966696164767954062548673027613785157062330853923368186361591991725714775913425635904054017793663451316957198250717302571171846507029342651973900233908930274583539099625511781809784622888584217331286101758511888859590362040027344806663973928578527188363468577457979478735243632769439510172900044893052037671656263090420795446642913228824466150440056960455586343723802109 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.netcetera-payment.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netcetera-payment.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2adc9dfe8510c79b702c3d969744e57feed30fd4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (606 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (602 bytes) 02580077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000189f40d0dee0000040300483046022100d2b582300e6f64aa3213533b6a3e00de55709edb0478bd7c494ef95c94c85ab902210096be2c50b2fe79592e1a59361e853c724b561ab03a9674db6b66b582eef7a6b4007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000189f40d10e5000004030046304402206b72be67ecd2a4891a3cfe0e165df6c751186815f9f6c120e78ddcb10de958cb02201f62ba2d18cc5252c9ce38a4e8985d84c86a8b5e23fe7f940403bd9c3a2f483300770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000189f40d11d20000040300483046022100aac7ebc4054027deeba09f824d2b06b6dba1db8f423a6ebfe6d811a8c7ec8c74022100a5797eb15e1b554e872cdce442f8c64920d8a84d4e18664375cf49c1245a987f007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000189f40d1319000004030046304402202500c2e7849ff237502719e2ea49703902c9ad60ea7aad8b3afd1a5e020229cc022049087c8c374256f5dcd449e0da3ed64d9669a785bfed1fb6f551c8b02153420e007600874fb50dc029d9931de573e9f2899e8e4533b392d38b0a462574bf0feeb2fc1e00000189f40d1aa50000040300473045022100bf31a89c341166db42b1a5a0adb82e87792c7142932f7274f71946b246ded299022012260e08ccaa24c15f59c3f49f4b9f2c7fbf8c110c5c0110dbc4e2a145eabbb1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0063b5285ef9ee9be6f2dcfb08ea27879495765350bce830e3b2e1fb4468d17d6e7ab9068e03bbd1a46bf55e81ec3d8adf081b7538eada440084ebf72fa5d7e0ad4dc5530b7c5b3362a48c8997cd34e5ff9504038327e346757c8759524f6d1e60d2021140deb8420428be2ee171b3766a3c007b7ce2f737aa12740caea83feeaa2373c2c1c8c50d5ae7ca1f949f7a8c989aae4dac369b7789afc943889cfc02a1f57c420996f7af65a3cb947bbd5342a14dec5c1144ec856f0ce818a098173821df3e1b593d307798e357a0078b1f24ba72808be82f701de6e8972d44683983ac65a556aeeebb8e4c18723a5568ec49885e6f1725a109b408b426bb0a63ba9c07cc1cec83cf532c0950b0ed6defbe3cb638fb216f7bc8144dc0c46b89948ccd7f11ca523f250faac23275cc0ec684dda5259270d963747c11098e62c609e70f2e3d51b5130ad72b438b948ec5d8ae1326cb47846d0bea0b640a8247a38ba61da04ac75510a9dcdf25ec9b94aa438a33cf65b3ff0c0513f1ed1cac5a89b0a537d39874708ebdadbf02b3e2214b449cd3a6073f7457fd0b371f882cd0a252f84682d9d556edb6dbfef69a057bf664ae6772f68861aa080fac69f78db2e4b25b4d27e782ee9a0801a677b557dd2a8be5b6e344c415fa20f9a8885286a23c7c9ab28ca0b00e695860bf186978243bd31c0d74e93e58cc7afec54eebe691267f07ed50