share-rbm.swisscom.ch

- Swisscom (Schweiz) AG -

Issued by SwissSign RSA TLS OV ICA 2021 - 1

About this certificate

This digital certificate with serial number 7a:b1:7b:ff:94:b9:1e:13:ad:e5:d5:95:a2:79:da:34:b6:ba:03:24 was issued on by SwissSign AG.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Swisscom (Schweiz) AG

Organization: Swisscom (Schweiz) AG
State / Province: BE
Locality: Worblaufen
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 7a:b1:7b:ff:94:b9:1e:13:ad:e5:d5:95:a2:79:da:34:b6:ba:03:24
Serial Number (int): 700454907721508441928579542084070606410759144228
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: db:0e:4f:3c:a3:5f:9f:69:64:63:73:67:76:5e:2f:71:4c:89:54:fe
AuthorityKeyId: ac:d0:3a:c2:c2:57:55:91:69:11:cc:70:6a:59:38:8a:8c:ac:9c:3d

Fingerprint (sha1): dd:1a:ad:10:36:9b:31:3f:c2:2e:4e:01:e1:1b:58:13:39:39:c9:fc
Fingerprint (sha256): 81:be:36:e7:f1:1a:d1:aa:14:93:e1:91:16:0e:ca:e2:31:f5:e1:78:c4:f5:20:9f:88:10:da:6a:fe:e8:fc:b1

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D

Revocation information

OCSP Server: http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D
CRL Distribution Point: ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate share-rbm.swisscom.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for share-rbm.swisscom.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

share-rbm.swisscom.ch
www.share-rbm.swisscom.ch

Other certificates including the domain name swisscom.ch

(limited to 100 certificates)
cms.staging.entertainment.swisscom.ch
cp.cspp.swisscom.ch
tvnow.swisscom.ch
internetbox-nas.staging.swisscom.ch
issue.swisscom.ch
secure04.stage.lithium.com
blockchain.swisscom.ch
magazin.swisscom.ch
i.swisscom.ch
docsafe-beta.swisscom.com
twint-prd.swisscom.ch
ssc1.imst.swisscom.ch
octane.swisscom.ch
*.portal.bankinghub.swisscom.ch
iot.vodafone.swisscom.ch
sbc1-emea-che-zhh.teamsa.swisscom.ch
ccs.join.swisscom.ch
*.tcsbc02.teamsa.swisscom.ch
multi.swisscom.ch
l2.shared.global.fastly.net
bcs.join.swisscom.ch
secure05.lithium.com
wast.swisscom.ch
sdx.swisscom.ch
identity.phoenix.m6s.swisscom.ch
l2.shared.global.fastly.net
global-portal-dev.swisscom.ch
l2.shared.global.fastly.net
btbcs.swisscom.ch
tools.swisscom.ch
l2.shared.global.fastly.net
ssc1.ims.swisscom.ch
lite.m2m.swisscom.ch
vimaphet-dasbc1.joind.swisscom.ch
extranet-acc.swisscom.ch
extranet-int.swisscom.ch
shop.swisscom.ch
secure05.stage.lithium.com
internetbox-nas.swisscom.ch
media.oid.swisscom.ch
5670976570261504-fe4.pantheonsite.io
acs.joind.swisscom.ch
secure04.stage.lithium.com
dis.swisscom.ch
wrc.joind.swisscom.ch
*.tasbc01.teamsd.swisscom.ch
sensu-backend-8.exotrack.swisscom.ch
simple2.swisscom.ch
secure04.stage.lithium.com
5754818358411264-fe2.pantheonsite.io
issue-int.swisscom.ch
l2.shared.global.fastly.net
wmt5443.conferencing.swisscom.ch
check.swisscom.ch
clientrvk.testweb38.swisscom.ch
tpe-staging.swisscom.ch
marketplace.bankinghub.swisscom.ch
inone-game.swisscom.ch
check.swisscom.ch
dns-vetting1e.map.fastly.net
handyhilfe.swisscom.ch
secure04.stage.lithium.com
hpalm-app-prd.swisscom.ch
cockpit.dev1.swisscom.ch
secure05.stage.lithium.com
rtc-dis.swisscom.ch
het-cds.swisscom.ch
mds01.swisscom.ch
www.survey.swisscom.ch
tv-thankyou.swisscom.ch
inone.swisscom.ch
buyback.swisscom.ch
secure04.stage.lithium.com
stag-messagingproxy.swisscom.ch
secure05.lithium.com
oms-tst.omsaas.swisscom.ch
buyback.swisscom.ch
hipchat.swisscom.ch
regapi-1olb.swisscom.ch
repairmanager.swisscom.ch
robotics.swisscom.ch
zhheapp-sasbc01.joineapp.swisscom.ch
git-test.swisscom.ch
5754818358411264-fe2.pantheonsite.io
acs.gated.swisscom.ch
www.lawe-network.lime.novu.ch
cw000130.exotrack.swisscom.ch
teamsgw03.gatea.swisscom.ch
xmlgwis.swisscom.ch
bm.cspp.swisscom.ch
service.swisscom.ch
identity.scl.swisscom.ch
sfs01.exotrack.swisscom.ch
secure05.lithium.com
help.mycloud.ch
finance.swisscom.ch
griprod1218.exotrack.swisscom.ch
col01wc.integration.conferencing.swisscom.ch
l2.shared.global.fastly.net
*.int.swisscom.ch

Certificate

The complete raw certificate details for share-rbm.swisscom.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJvjCCB6agAwIBAgIUerF7/5S5HhOt5dWVonnaNLa6AyQwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjEgLSAxMB4XDTIyMTEyODA5
MjQyMFoXDTIzMTEyODA5MjQyMFowbzELMAkGA1UEBhMCQ0gxCzAJBgNVBAgTAkJF
MRMwEQYDVQQHEwpXb3JibGF1ZmVuMR4wHAYDVQQKExVTd2lzc2NvbSAoU2Nod2Vp
eikgQUcxHjAcBgNVBAMTFXNoYXJlLXJibS5zd2lzc2NvbS5jaDCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAOjvBuIhd4CFf2olDe66lS89U9JqLarqlyGt
5RfPGDQToh66EQtRyUkQLReY/xeG4hSWyIw9va6y6JTlXa101KT4Q1K/htMxNApW
tbolPU8/S+XSLxxhmqg37ewd2zgoYI8O7Ydo4jZgLeOS1HvcuMWQNtChzrg8zoVO
eJKmAVNNjkSNySH84BgGmqvfwfY671ETJWJN2ULrM4DUjw5D6AIkupue2UmiJ7lS
NcEC60flodqmfE1cDNQHG0KMOoJRcybgnNXXNjV2U98MpoQCMTA/CzAe48JvD9ns
vbr1WNaOBDIaTGECLRf2lHDPjDvris4AsFlq/2eicm267noyJLwNSuMO+2/nYZHX
q1JV/aAfbbK5UX8KsXaeSCUNa1jT8cMqU7E7pZWNj8QiOXJ2ltgNIeg/NQX0PdIL
OYT9x72vnnKU/MiX8tarwZ4St6tiqovEMnjPv+3VyXNDItoM8v9fugz4aVeu42kD
lB5EkHIXLpere8LXW3U9LYXfqE+3/nzkRv+/H4cKrqHV0i72vpgT8hOXj0UEW3dB
e33MxMeCCcuaVsYyxXOSP1GI1TKpq1MBulV/TQ0hUdVk1tXGSH+6OMx7lHRRovMr
/LQVWmXjap5FRYPifg6bbydYqp8OkW42o87a7a91hw+i4ZehbuqCt6gSq0VlqpU8
TScjthIZAgMBAAGjggRvMIIEazA7BgNVHREENDAyghVzaGFyZS1yYm0uc3dpc3Nj
b20uY2iCGXd3dy5zaGFyZS1yYm0uc3dpc3Njb20uY2gwDgYDVR0PAQH/BAQDAgWg
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU2w5PPKNf
n2lkY3Nndl4vcUyJVP4wHwYDVR0jBBgwFoAUrNA6wsJXVZFpEcxwalk4ioysnD0w
gf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0L0FD
RDAzQUMyQzI1NzU1OTE2OTExQ0M3MDZBNTkzODhBOENBQzlDM0QwgaiggaWggaKG
gZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049QUNEMDNBQzJDMjU3
NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRCUyQ089U3dpc3NTaWduJTJDQz1D
SD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JM
RGlzdHJpYnV0aW9uUG9pbnQwbwYDVR0gBGgwZjBQBghghXQBWQIBAjBEMEIGCCsG
AQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1Np
Z25fQ1BTX1RMUy5wZGYwCAYGBACPegEHMAgGBmeBDAECAjCBxgYIKwYBBQUHAQEE
gbkwgbYwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4v
YXV0aG9yaXR5L2Rvd25sb2FkL0FDRDAzQUMyQzI1NzU1OTE2OTExQ0M3MDZBNTkz
ODhBOENBQzlDM0QwTgYIKwYBBQUHMAGGQmh0dHA6Ly9vY3NwLnN3aXNzc2lnbi5u
ZXQvQUNEMDNBQzJDMjU3NTU5MTY5MTFDQzcwNkE1OTM4OEE4Q0FDOUMzRDCCAX8G
CisGAQQB1nkCBAIEggFvBIIBawFpAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQAp
Bo2yCJo32RMAAAGEvY09FgAABAMARzBFAiEAhacZdhrSzxBbdrh48Nl7c2RJsasy
POWf2v4JVeLcMSECIG3zrJwBNR6UxB2x42xHrsur947vVqRL8MBm4YEvB+2LAHYA
ejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGEvY09rwAABAMARzBF
AiBAgMmrenRe3dQDD5Cjjzwgb31w66COh4M2qIEkzROg+wIhAMaU0HmJ9DoF97Rx
mRE918BTKDedNVh+METAI8Lg93ZtAHcA6D7Q2j71BjUy51covIlryQPTy9ERa+zr
aeF3fW0GvW4AAAGEvY09SQAABAMASDBGAiEAwpm9S9X5FsSHWgOj1YC5MEi5Ue3t
NU3JSUNLlGxmPuoCIQD/05xh+CrAlFan6j9DoXloTtUc4AbFi4rVz5IAG48q3zAN
BgkqhkiG9w0BAQsFAAOCAgEAlJ3AdKNOr9ndXG21feEJOZfPBnHqRR2T81WQ0flN
fM5xymr5U7hUuUYZz+8pw4vwQt71ELyuqwGLDW//G+n912sfzygYdEQg5meBNA0F
IwERLQQqtQF4KA49xJhm+OGVrLklS9yvMsObKyx9ikVE4Eyl1R3sgIlN7hJl4c3p
vqkJkOw+w5CdiNbWkXuqASIr/1R/yblYjo/2miWEXmH4GYrDCAUGHSvKCMr8zr5j
nC7u+UGZMKFXVqvPNzwzXOD5B6BnVhBUaR30cFJ3WAWphl2xIlJLO5geeYapAyeu
5kx4oh2dz1Yx7QZul6J8fl4aD7qBVsnGxhu1Kr8DzqWDBFT0R7MwXl0E1bMy2l5n
D5uwaCgJ2ZjpTl8TQuNagwfL50gZgiG1RJeffWZKl90E9xtR8jP2yjPSnarEF2cF
NEXOR9XKrmTk2IUqPXr8Kq9/qDsCvFAeZar3VVpzmSt6aG0QeOR7z43M23bOvFq+
mS7rNZ18iw96jdgVboCk/jWCTuai01ID09r9qiXSfaLXyhZh4ILZV00+Sei48tFl
QxKVS778dg3Fv+QDGzvrBWq7JgqWFdJNTLqt1+PvdgDmj7oVo+xsBvfhsaLpfwao
NPzcH25jumFMMdGb2EJtEXep9FvBjriIZ7+5BubuiLQgNsngDJOVCz3zIJfJ1jDi
u3o=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6O8G4iF3gIV/aiUN7rqV
Lz1T0motquqXIa3lF88YNBOiHroRC1HJSRAtF5j/F4biFJbIjD29rrLolOVdrXTU
pPhDUr+G0zE0Cla1uiU9Tz9L5dIvHGGaqDft7B3bOChgjw7th2jiNmAt45LUe9y4
xZA20KHOuDzOhU54kqYBU02ORI3JIfzgGAaaq9/B9jrvURMlYk3ZQuszgNSPDkPo
AiS6m57ZSaInuVI1wQLrR+Wh2qZ8TVwM1AcbQow6glFzJuCc1dc2NXZT3wymhAIx
MD8LMB7jwm8P2ey9uvVY1o4EMhpMYQItF/aUcM+MO+uKzgCwWWr/Z6JybbruejIk
vA1K4w77b+dhkderUlX9oB9tsrlRfwqxdp5IJQ1rWNPxwypTsTullY2PxCI5cnaW
2A0h6D81BfQ90gs5hP3Hva+ecpT8yJfy1qvBnhK3q2Kqi8QyeM+/7dXJc0Mi2gzy
/1+6DPhpV67jaQOUHkSQchcul6t7wtdbdT0thd+oT7f+fORG/78fhwquodXSLva+
mBPyE5ePRQRbd0F7fczEx4IJy5pWxjLFc5I/UYjVMqmrUwG6VX9NDSFR1WTW1cZI
f7o4zHuUdFGi8yv8tBVaZeNqnkVFg+J+DptvJ1iqnw6Rbjajztrtr3WHD6Lhl6Fu
6oK3qBKrRWWqlTxNJyO2EhkCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 700454907721508441928579542084070606410759144228
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2021 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-28 09:24:20 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 09:24:20 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Worblaufen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Swisscom (Schweiz) AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'share-rbm.swisscom.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 950286582474612533270421404043460264334992403749326888853266156983990602588175323930320687399772650490335397505417564178488919196696781103216244040834752246095510913701006829525904350175097466487284788999023311253397764912680216036349324870098543019432967486725988594824821078498292263824601541589217682282071071786790641382463421057524435108682726668502560155768508573192617237474379617067367381489956894239353753368820955466358123052519290440377329670769618486199901471061193193923031671794791161542594601600512761285072008564101632853157758836221005581102128308176598198002513808405417358709925670856546864113883963063248931739881253319493173985198780779911231142060320108219664375906454040823864659837284416543616405662016345427996474019317332771121115713573407301334201541044132011486156063629614722986002535783807356306202725554761200932065351914437019738113486965327078818279930030068194306622443714127502388536526427582287629957259041670472278457837060006300753904650262549198923962407394094470324676380256580492208222089012025103957126468561183710163928869564888538288991110064524045858142527604334389323575922675095537056944760658497828038656157533455621054208679363174440342690079385601105185549282861677600822341901095449
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'share-rbm.swisscom.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.share-rbm.swisscom.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							db0e4f3ca35f9f6964637367765e2f714c8954fe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName acd03ac2c25755916911cc706a59388a8cac9c3d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=ACD03AC2C25755916911CC706A59388A8CAC9C3D%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/ACD03AC2C25755916911CC706A59388A8CAC9C3D'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000184bd8d3d16000004030047304502210085a719761ad2cf105b76b878f0d97b736449b1ab323ce59fdafe0955e2dc312102206df3ac9c01351e94c41db1e36c47aecbabf78eef56a44bf0c066e1812f07ed8b0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000184bd8d3daf000004030047304502204080c9ab7a745eddd4030f90a38f3c206f7d70eba08e878336a88124cd13a0fb022100c694d07989f43a05f7b47199113dd7c05328379d35587e3044c023c2e0f7766d007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000184bd8d3d490000040300483046022100c299bd4bd5f916c4875a03a3d580b93048b951eded354dc949434b946c663eea022100ffd39c61f82ac09456a7ea3f43a179684ed51ce006c58b8ad5cf92001b8f2adf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00949dc074a34eafd9dd5c6db57de1093997cf0671ea451d93f35590d1f94d7cce71ca6af953b854b94619cfef29c38bf042def510bcaeab018b0d6fff1be9fdd76b1fcf2818744420e66781340d052301112d042ab50178280e3dc49866f8e195acb9254bdcaf32c39b2b2c7d8a4544e04ca5d51dec80894dee1265e1cde9bea90990ec3ec3909d88d6d6917baa01222bff547fc9b9588e8ff69a25845e61f8198ac30805061d2bca08cafccebe639c2eeef9419930a15756abcf373c335ce0f907a067561054691df47052775805a9865db122524b3b981e7986a90327aee64c78a21d9dcf5631ed066e97a27c7e5e1a0fba8156c9c6c61bb52abf03cea5830454f447b3305e5d04d5b332da5e670f9bb0682809d998e94e5f1342e35a8307cbe748198221b544979f7d664a97dd04f71b51f233f6ca33d29daac41767053445ce47d5caae64e4d8852a3d7afc2aaf7fa83b02bc501e65aaf7555a73992b7a686d1078e47bcf8dccdb76cebc5abe992eeb359d7c8b0f7a8dd8156e80a4fe35824ee6a2d35203d3dafdaa25d27da2d7ca1661e082d9574d3e49e8b8f2d1654312954bbefc760dc5bfe4031b3beb056abb260a9615d24d4cbaadd7e3ef7600e68fba15a3ec6c06f7e1b1a2e97f06a834fcdc1f6e63ba614c31d19bd8426d1177a9f45bc18eb88867bfb906e6ee88b42036c9e00c93950b3df32097c9d630e2bb7a