twint.ukb.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 12:d7:06:00:51:57:5b:16:23:13:60:8c:68:f3:f5:69:df:d6:7e:50 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=twint.ukb.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 12:d7:06:00:51:57:5b:16:23:13:60:8c:68:f3:f5:69:df:d6:7e:50Serial Number (int): 107557016874349830911526273168703533259825774160
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: eb:cd:43:31:57:fb:28:d3:97:86:d0:04:24:f1:b1:4a:2e:2c:06:cc
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): a9:2c:f5:c1:e4:3f:dd:e5:07:a9:e1:24:61:e2:de:4d:24:24:02:df
Fingerprint (sha256): 76:a7:bb:35:15:44:12:3a:ec:7b:b0:70:4e:13:a5:e2:4a:76:77:ab:9b:89:b9:57:02:6f:62:a0:35:88:14:e3
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate twint.ukb.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for twint.ukb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
twint.ukb.ch
Other certificates including the domain name ukb.ch
(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
Certificate
The complete raw certificate details for twint.ukb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH9zCCBd+gAwIBAgIUEtcGAFFXWxYjE2CMaPP1ad/WflAwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTIzMDcwNjA4 NTc1NFoXDTI0MDcwNjA4NTc1NFowFzEVMBMGA1UEAxMMdHdpbnQudWtiLmNoMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTZoUwxcPpQjJ7E1Oxd2+PXz l78KVwqW0+Kba2VvZj7PBqhh8p/AbsSFm1yFTbqkGNBFFUMoaf0he894FOWB/rYJ DolYkt+zxiuyk1MY9TqzLoCw7nCSyImo5xy1HhvUgFhc4lpi6Jzm82UMQyHCG+TD 3ab1a9+6ftk0j7bsLAq/pWlIJuRu84h8iQoI2+STBDGMDNhkfOwfbl91eRKlhejI mtUJ4pjJCW9JXLX1s9a/uDXgnMe7MxxCqQYAxNT1GpI0E4brHPB6aJmDgdzdzhpP sqIDqvMRmvmRfGkTVWE6EpVz/ZuZ9BvepQ05Q+mNqQWVYu6sumq64+6qodSVVwID AQABo4IEADCCA/wwgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRw Oi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMWI4NjMzODUtZjRhOS00N2ZhLTg4YTUt MmE1YWJmZDRhMTY3MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24u Y2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVj MG8GA1UdIARoMGYwCAYGZ4EMAQIBMAgGBgQAj3oBBjBQBghghXQBWQIBATBEMEIG CCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lz c1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5z d2lzc3NpZ24uY2gvY2RwLTY3OTcyM2IyLTg2NDEtNDY0Mi04NTAwLWY2ZDJmZjM3 ZTZiYTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQD AgWgMBcGA1UdEQQQMA6CDHR3aW50LnVrYi5jaDAdBgNVHQ4EFgQU681DMVf7KNOX htAEJPGxSi4sBswwHwYDVR0jBBgwFoAU671/SZOMye7sorr3HNJn8IOx6t4wggH3 BgorBgEEAdZ5AgQCBIIB5wSCAeMB4QB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUI Fy+jqh0HE9MMAAABiSpsHF8AAAQDAEcwRQIhAJBzqGXj3746YOU1CDMM182AgDjI uiWUCV3MpXdniG6wAiBy3R5KjNK2wQI/k6KQ2yEPjVuaoCWhfyUxg2zKta3ncAB2 ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiSpsH5UAAAQDAEcw RQIhANr8yH4IObkfBfICz9vedx/PHcBqzYVNcIDTxkXmHHyxAiBsDti2zdh6tNYd ksANjOwKSkzFZb2I+soIjsJlKxuxFAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOze w1FIWUZxH7WbAAABiSpsIJYAAAQDAEcwRQIgcCwmaOtiFjf3KWXxcg2Gvr4hta4q CegwdEcLa6wL4u4CIQDpX/yJcijC/ltJzRCG8gxS3lJl4m4cU7+ZnzqXjqGEkwB3 AIdPtQ3AKdmTHeVz6fKJno5FM7OS04sKRiV0vw/usvweAAABiSpsJbkAAAQDAEgw RgIhANAupFpmQr2pu53MxE9gAzeOietzWf3EUcFmkqz5gHgnAiEA3q0vTjGcJKAt goOKUZKpMKOAtfSJfoYET9qGrdW7GX4wDQYJKoZIhvcNAQELBQADggIBAIGFCmiR icfnCgOikVEDV2Arz7dIazTBiLkCZsExYYYgMHMOq6wMP9dtGwz7AjDkOiWBi4Iz nvMkC5bADTcEHEUopzooF3YdRIpY7buzNnfEeSKxkPQ3ZzYqneXgDuZBQB9IDm1g E69QItvgtkoAfvTfEw7Ce9YLj/b7I+muRBA6jZyE/eW4zxO3uStY1RjP7xg06E2a QTgzmSJyHxhnwVwMDIDtGpRfMpKctmNhSSjnluwKWQhIQGsfTB2sB8wEHuJ1XHCP PY3lYsiD6GdNPTWD21ZqxKzgJnrRwfBOILI9FV797EvFiddH0XAItYeCOZQdGgBz pFxqwsw/FBZcZyu5o9SjlrLNWIPPZu3badzjWenN4KxHq8HNizVMqu6ScPHcRi/C zlGWhSR2BQstdJVNvm0tLQ09RYM62FNjVwPouhJuxr2blCt7UjhvVNFFqrLJfor9 SZxBA3Ch+BjaA64LaEnWae4Ara3ufsHmlQGGaHAEVy4yttLSO0DAk/p1C+RTvGq8 o4+cuxRPHsA7EUEm8FqjC4QCp+7PeZSRwjHPeRgB5QqAcRa9WyJ2f4Ty+gpr+6dN 7Gu/dDT97/2hFJe44smwoKqj1ouvYLkDHSGWyPCHi+rvDMPrxR+xrve4R31P3Ivm pvabRD/KQf3h4Bwk8Zq9jyFzxj8d0CEUeCz2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTZoUwxcPpQjJ7E1Oxd2 +PXzl78KVwqW0+Kba2VvZj7PBqhh8p/AbsSFm1yFTbqkGNBFFUMoaf0he894FOWB /rYJDolYkt+zxiuyk1MY9TqzLoCw7nCSyImo5xy1HhvUgFhc4lpi6Jzm82UMQyHC G+TD3ab1a9+6ftk0j7bsLAq/pWlIJuRu84h8iQoI2+STBDGMDNhkfOwfbl91eRKl hejImtUJ4pjJCW9JXLX1s9a/uDXgnMe7MxxCqQYAxNT1GpI0E4brHPB6aJmDgdzd zhpPsqIDqvMRmvmRfGkTVWE6EpVz/ZuZ9BvepQ05Q+mNqQWVYu6sumq64+6qodSV VwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 107557016874349830911526273168703533259825774160 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-06 08:57:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-06 08:57:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'twint.ukb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21866056105810907000478340750923791163540671728886493504370857641264755456279002783250216489844585732888703466430196170079141067847910965166408162618895192413474722441091778835851576164071761143796315418560915282484438706459817064585898679644766545947972624435468055015715446683257519494147526163884373589327114183984482657655698745476651528157941296608525659277426058435299209098428350522266727382468326071368331414281129940247380761136269864226405990408644511656807742720797515133605422036811636704492753930602487369954902444570277096717860626195628328690284096819985817438588540811770179529660279776517008242546007 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twint.ukb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ebcd433157fb28d39786d00424f1b14a2e2c06cc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e10076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001892a6c1c5f00000403004730450221009073a865e3dfbe3a60e53508330cd7cd808038c8ba2594095dcca57767886eb0022072dd1e4a8cd2b6c1023f93a290db210f8d5b9aa025a17f2531836ccab5ade770007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001892a6c1f950000040300473045022100dafcc87e0839b91f05f202cfdbde771fcf1dc06acd854d7080d3c645e61c7cb102206c0ed8b6cdd87ab4d61d92c00d8cec0a4a4cc565bd88faca088ec2652b1bb114007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001892a6c209600000403004730450220702c2668eb621637f72965f1720d86bebe21b5ae2a09e83074470b6bac0be2ee022100e95ffc897228c2fe5b49cd1086f20c52de5265e26e1c53bf999f3a978ea18493007700874fb50dc029d9931de573e9f2899e8e4533b392d38b0a462574bf0feeb2fc1e000001892a6c25b90000040300483046022100d02ea45a6642bda9bb9dccc44f6003378e89eb7359fdc451c16692acf9807827022100dead2f4e319c24a02d82838a5192a930a380b5f4897e86044fda86add5bb197e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0081850a689189c7e70a03a291510357602bcfb7486b34c188b90266c13161862030730eabac0c3fd76d1b0cfb0230e43a25818b82339ef3240b96c00d37041c4528a73a2817761d448a58edbbb33677c47922b190f43767362a9de5e00ee641401f480e6d6013af5022dbe0b64a007ef4df130ec27bd60b8ff6fb23e9ae44103a8d9c84fde5b8cf13b7b92b58d518cfef1834e84d9a4138339922721f1867c15c0c0c80ed1a945f32929cb663614928e796ec0a590848406b1f4c1dac07cc041ee2755c708f3d8de562c883e8674d3d3583db566ac4ace0267ad1c1f04e20b23d155efdec4bc589d747d17008b5878239941d1a0073a45c6ac2cc3f14165c672bb9a3d4a396b2cd5883cf66eddb69dce359e9cde0ac47abc1cd8b354caaee9270f1dc462fc2ce5196852476050b2d74954dbe6d2d2d0d3d45833ad853635703e8ba126ec6bd9b942b7b52386f54d145aab2c97e8afd499c410370a1f818da03ae0b6849d669ee00adadee7ec1e6950186687004572e32b6d2d23b40c093fa750be453bc6abca38f9cbb144f1ec03b114126f05aa30b8402a7eecf799491c231cf791801e50a807116bd5b22767f84f2fa0a6bfba74dec6bbf7434fdeffda11497b8e2c9b0a0aaa3d68baf60b9031d2196c8f0878beaef0cc3ebc51fb1aef7b8477d4fdc8be6a6f69b443fca41fde1e01c24f19abd8f2173c63f1dd02114782cf6