identifikation.ukb.ch

- Urner Kantonalbank -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 1a:59:03:ec:fe:81:b6:6d:51:b3:46:e0:f0:06:e0:77:e0:3a:db:bf was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Urner Kantonalbank

Organization: Urner Kantonalbank
State / Province: UR
Locality: Altdorf
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 1a:59:03:ec:fe:81:b6:6d:51:b3:46:e0:f0:06:e0:77:e0:3a:db:bf
Serial Number (int): 150418868345882858995697958349856644086338608063
Serial Number lenght: 157 bits, 20 octets

SubjectKeyId: d9:6d:2a:8c:d9:1e:8a:85:4d:98:66:2d:23:f0:3c:cb:8d:36:ab:22
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 5e:df:a2:59:2c:9d:dc:af:5d:bd:7d:bc:75:cc:71:43:01:54:9f:07
Fingerprint (sha256): 8d:d7:99:50:1a:7b:14:a2:08:c1:59:13:aa:f9:54:7f:4c:cf:5a:72:c5:4d:af:b7:3a:a8:31:cf:31:90:02:c9

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate identifikation.ukb.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for identifikation.ukb.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

identifikation.ukb.ch

Other certificates including the domain name ukb.ch

(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
twint-test.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch

Certificate

The complete raw certificate details for identifikation.ukb.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJUjCCBzqgAwIBAgIUGlkD7P6Btm1Rs0bg8Abgd+A6278wDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDEyNTEz
MTA1M1oXDTI1MDEyNTEzMTA1M1owaTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlVS
MRAwDgYDVQQHDAdBbHRkb3JmMRswGQYDVQQKDBJVcm5lciBLYW50b25hbGJhbmsx
HjAcBgNVBAMTFWlkZW50aWZpa2F0aW9uLnVrYi5jaDCCAiIwDQYJKoZIhvcNAQEB
BQADggIPADCCAgoCggIBALOe5WD239SaoJHY7KX8t4nx0KVsBCwfJF8tpSjkWY3o
Md2OeZKUynlgZ07dJt7hIWNIQHWr/HFZLWTPPtZWMzkLNnqd7kW8hbCpV8nndagP
eXBoq91SfdZqnwwaTQqiHz9CjAPFiVuhZxIuSc/wMcAWRnPl9WMbspQUFkPTOd77
aV1bJ0BGJFWWJ7N1701Iq5+7HsX7OLuv/azvvakKodBtp2kgWszntJCNX+ABu61s
DlkMDhO71nfDD/L2efF8SrX/jG43JmmjqblfIwwDTFbn5QbQK5Bj6rxz5oxS5UXS
09JzsRXftfc5O+nS6aHujJ5oaNp8NOrD+7Hm4F/6wV3Yczc7tlMsRaPOBi5shzfs
fGbJqqK6oY4G3KI3lhkhwyAAM8GvQUafwZB6g+mdtfXFFpSHi+HvPOQZlMeMGJq2
VZzRW6qrQnhNBxXChHVhmv/VtPgj4/rr97gXqtvZey/o1XgZGFzZvaP1lodsG1iw
F3abGqOEj7tjijvBmi+p5vy5oy6HUOZFoPXPwpGVj9DwvCw10SXU2tce5jxgWfDY
IeTK1U4sf+6wY3D5yrc/VqG42ca3lvSIBqW1DTqixqOhGWiDV59Bn114uJhUPA/o
N7GyhG5cdLMKBH1Kek3q0AN8WefQilDpyFDszYuhjtxtq/1VOyBAdAsBqryEQHgn
AgMBAAGjggQJMIIEBTCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKGQGh0
dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0wZjJiZjlhNS1kZDM3LTQ4YzktYTg1
Yi0xMmFjZGNiOGJlNDUwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNzc2ln
bi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3M2Vm
ZWMwbwYDVR0gBGgwZjAIBgZngQwBAgIwCAYGBACPegEHMFAGCGCFdAFZAgECMEQw
QgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3
aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3Js
LnN3aXNzc2lnbi5jaC9jZHAtOTZiNjJmNWEtNmI3My00ZGE0LTg3ZjctY2U0MDAy
YzFjZDM0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8E
BAMCBaAwIAYDVR0RBBkwF4IVaWRlbnRpZmlrYXRpb24udWtiLmNoMB0GA1UdDgQW
BBTZbSqM2R6KhU2YZi0j8DzLjTarIjAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTz
XGtDbbcjtjCCAfcGCisGAQQB1nkCBAIEggHnBIIB4wHhAHcAVYHUwhaQNgFK6gub
VzxT8MDkOHhwJQgXL6OqHQcT0wwAAAGNQL6rYgAABAMASDBGAiEAziiEqxcoBebQ
PKD/1EE3Fe9OzdCDW+D8R2WR4mskcM4CIQCsjpuasnWltMXwcrVb7HuaOARBiUDI
9Wv5Lu6dFIIPDQB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAAB
jUC+rMAAAAQDAEcwRQIhAM3R98QSollv8m6b8iToLHuGSHUNawqxBPwz3Dm0Lf63
AiAJd7Hx+kxffAK6cnvlCigyRMylrpMqiwZhxsB6FaJu+gB2AMz7D2qFcQll/pWb
U87psnwi6YVcDZeNtql+VMD+TA2wAAABjUC+r7sAAAQDAEcwRQIgEty2A+sUP5y0
3A7wvbBc5o+dbq/Z6PdKXDWQ+87nOCcCIQDySdyvGhySvmNoNgnDlMYO7dLqgExD
jpTY9tPso9ntdwB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAAB
jUC+sTsAAAQDAEcwRQIgM+fHI9vCJIEwRYJLmTGNKIcDFIpFFMhiHiPHifBgHscC
IQCKYdzaSChuN+hHc9QYSKJ2h9FSNVb0I++V5Cjnq1g0LjANBgkqhkiG9w0BAQsF
AAOCAgEAe+qz3SINCkigQNTUu0ZNFm9w+i1xTSu5HEY69SdgH9s1E+MAYCkanOyP
P8T3mvFGxLDy1gbIgTpzfZQjKk2qrLP24+ELuJ3vvlYVJt122LL6EiR6coJ86ITw
mPuFJlMtTCym8YQ84MnVGuO75gXBb/TzH388d18E2A/Oq8teTe20msCTpwf2/eSS
826fpVVPbCpVYMYUzf0017Xi+rih3X6SNahHvuiUSlkOs/lz/0BFwjwMAjWORZ0k
BXYl4l7uQu1+SjrkmNsbawr8tty7YYGmCuBH/wFtXfMDy3CL09CDtwMlXpdyZtlo
VL+rLiizBXNg//XMWYairx7nKAMLGh7txtH+vJbs6SL8HkbayhjKZDJSBJvqUCXN
cYmJ5T8YrUxG9w7fZc3YpBxc+RqEtYxJIjsxIkLU8xyJadvc+/YtvHcBM6roLFUK
NqRpwkPDwONj1K7MOvQr0p4GEpRJ+jbh+rN8HyMGaI6ZEOYio4JPoLYVkTiivg9x
LwQdGQ7v+nEOEw7N9m87gfte5tZUtvWvxtkT+eYpTb0QuyNnyfRsfxP9ab1sG1Ip
U0icwtE38VxJX303QQG6FnNYy88a5iqdf95NVBb/tL4O7UaatBElrDf3CTguSe1S
pv0vX1qhfj0UoNml/Re9JnaXLM8tY1MoD+cMl3J1TYCjKUR/vMk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs57lYPbf1Jqgkdjspfy3
ifHQpWwELB8kXy2lKORZjegx3Y55kpTKeWBnTt0m3uEhY0hAdav8cVktZM8+1lYz
OQs2ep3uRbyFsKlXyed1qA95cGir3VJ91mqfDBpNCqIfP0KMA8WJW6FnEi5Jz/Ax
wBZGc+X1YxuylBQWQ9M53vtpXVsnQEYkVZYns3XvTUirn7sexfs4u6/9rO+9qQqh
0G2naSBazOe0kI1f4AG7rWwOWQwOE7vWd8MP8vZ58XxKtf+MbjcmaaOpuV8jDANM
VuflBtArkGPqvHPmjFLlRdLT0nOxFd+19zk76dLpoe6Mnmho2nw06sP7sebgX/rB
XdhzNzu2UyxFo84GLmyHN+x8ZsmqorqhjgbcojeWGSHDIAAzwa9BRp/BkHqD6Z21
9cUWlIeL4e885BmUx4wYmrZVnNFbqqtCeE0HFcKEdWGa/9W0+CPj+uv3uBeq29l7
L+jVeBkYXNm9o/WWh2wbWLAXdpsao4SPu2OKO8GaL6nm/LmjLodQ5kWg9c/CkZWP
0PC8LDXRJdTa1x7mPGBZ8Ngh5MrVTix/7rBjcPnKtz9WobjZxreW9IgGpbUNOqLG
o6EZaINXn0GfXXi4mFQ8D+g3sbKEblx0swoEfUp6TerQA3xZ59CKUOnIUOzNi6GO
3G2r/VU7IEB0CwGqvIRAeCcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 150418868345882858995697958349856644086338608063
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 13:10:53 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-25 13:10:53 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'UR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Altdorf'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Urner Kantonalbank'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'identifikation.ukb.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 732788472425319121422706833673709384566747312999095576455245745720340060293736275880979057883002279325939937370421530850026726316112349406519428968654026041088035885021674217530163087431274645852657618005920192762474123185572294797385685310063213395141158074990033416978410874345170278077436510796892684159873068337276866332722546642683015496731206098815639932228366246398359803473681679722563739016104678810334933859254827227698182296489352518344216355742598192681469653268475967971289561958245529141424917978037937940121441494793597376884986343262275398711149173113074562175232191546991258926788522381696052575163114633003560000578413677712965319960274502376110956368707540412792833815200217734658420072696933726040034465708827721804429285205670474476715463709535684736942626916041727565282033022918130550005693610986629739606089491358224535523127431681120817256752898255640064862300545711163035659199787523573600818684093413057433319074799030436740643152455919223114387024992085209503664578909837997964371047935627577946440880202130472579185735434558790812916368205058949619179188214423350589131627247407954708896420207411757590749636917238384719542657000513247232409048944007427388887877368032628904440410029728256328534518167591
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'identifikation.ukb.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d96d2a8cd91e8a854d98662d23f03ccb8d36ab22
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e10077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018d40beab620000040300483046022100ce2884ab172805e6d03ca0ffd4413715ef4ecdd0835be0fc476591e26b2470ce022100ac8e9b9ab275a5b4c5f072b55bec7b9a3804418940c8f56bf92eee9d14820f0d007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d40beacc00000040300473045022100cdd1f7c412a2596ff26e9bf224e82c7b8648750d6b0ab104fc33dc39b42dfeb702200977b1f1fa4c5f7c02ba727be50a283244cca5ae932a8b0661c6c07a15a26efa007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018d40beafbb0000040300473045022012dcb603eb143f9cb4dc0ef0bdb05ce68f9d6eafd9e8f74a5c3590fbcee73827022100f249dcaf1a1c92be63683609c394c60eedd2ea804c438e94d8f6d3eca3d9ed770076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d40beb13b0000040300473045022033e7c723dbc224813045824b99318d288703148a4514c8621e23c789f0601ec70221008a61dcda48286e37e84773d41848a27687d1523556f423ef95e428e7ab58342e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		007beab3dd220d0a48a040d4d4bb464d166f70fa2d714d2bb91c463af527601fdb3513e30060291a9cec8f3fc4f79af146c4b0f2d606c8813a737d94232a4daaacb3f6e3e10bb89defbe561526dd76d8b2fa12247a72827ce884f098fb8526532d4c2ca6f1843ce0c9d51ae3bbe605c16ff4f31f7f3c775f04d80fceabcb5e4dedb49ac093a707f6fde492f36e9fa5554f6c2a5560c614cdfd34d7b5e2fab8a1dd7e9235a847bee8944a590eb3f973ff4045c23c0c02358e459d24057625e25eee42ed7e4a3ae498db1b6b0afcb6dcbb6181a60ae047ff016d5df303cb708bd3d083b703255e977266d96854bfab2e28b3057360fff5cc5986a2af1ee728030b1a1eedc6d1febc96ece922fc1e46daca18ca643252049bea5025cd718989e53f18ad4c46f70edf65cdd8a41c5cf91a84b58c49223b312242d4f31c8969dbdcfbf62dbc770133aae82c550a36a469c243c3c0e363d4aecc3af42bd29e06129449fa36e1fab37c1f2306688e9910e622a3824fa0b6159138a2be0f712f041d190eeffa710e130ecdf66f3b81fb5ee6d654b6f5afc6d913f9e6294dbd10bb2367c9f46c7f13fd69bd6c1b522953489cc2d137f15c495f7d374101ba167358cbcf1ae62a9d7fde4d5416ffb4be0eed469ab41125ac37f709382e49ed52a6fd2f5f5aa17e3d14a0d9a5fd17bd2676972ccf2d6353280fe70c9772754d80a329447fbcc9