identifikation.ukb.ch
- Urner Kantonalbank -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 1a:59:03:ec:fe:81:b6:6d:51:b3:46:e0:f0:06:e0:77:e0:3a:db:bf was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Urner Kantonalbank
Organization:
Urner Kantonalbank
State / Province:
UR
Locality: Altdorf
Country: CH
Locality: Altdorf
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 1a:59:03:ec:fe:81:b6:6d:51:b3:46:e0:f0:06:e0:77:e0:3a:db:bfSerial Number (int): 150418868345882858995697958349856644086338608063
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: d9:6d:2a:8c:d9:1e:8a:85:4d:98:66:2d:23:f0:3c:cb:8d:36:ab:22
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 5e:df:a2:59:2c:9d:dc:af:5d:bd:7d:bc:75:cc:71:43:01:54:9f:07
Fingerprint (sha256): 8d:d7:99:50:1a:7b:14:a2:08:c1:59:13:aa:f9:54:7f:4c:cf:5a:72:c5:4d:af:b7:3a:a8:31:cf:31:90:02:c9
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate identifikation.ukb.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for identifikation.ukb.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
identifikation.ukb.ch
Other certificates including the domain name ukb.ch
(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
twint-test.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
twint-test.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
Certificate
The complete raw certificate details for identifikation.ukb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJUjCCBzqgAwIBAgIUGlkD7P6Btm1Rs0bg8Abgd+A6278wDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDEyNTEz MTA1M1oXDTI1MDEyNTEzMTA1M1owaTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlVS MRAwDgYDVQQHDAdBbHRkb3JmMRswGQYDVQQKDBJVcm5lciBLYW50b25hbGJhbmsx HjAcBgNVBAMTFWlkZW50aWZpa2F0aW9uLnVrYi5jaDCCAiIwDQYJKoZIhvcNAQEB BQADggIPADCCAgoCggIBALOe5WD239SaoJHY7KX8t4nx0KVsBCwfJF8tpSjkWY3o Md2OeZKUynlgZ07dJt7hIWNIQHWr/HFZLWTPPtZWMzkLNnqd7kW8hbCpV8nndagP eXBoq91SfdZqnwwaTQqiHz9CjAPFiVuhZxIuSc/wMcAWRnPl9WMbspQUFkPTOd77 aV1bJ0BGJFWWJ7N1701Iq5+7HsX7OLuv/azvvakKodBtp2kgWszntJCNX+ABu61s DlkMDhO71nfDD/L2efF8SrX/jG43JmmjqblfIwwDTFbn5QbQK5Bj6rxz5oxS5UXS 09JzsRXftfc5O+nS6aHujJ5oaNp8NOrD+7Hm4F/6wV3Yczc7tlMsRaPOBi5shzfs fGbJqqK6oY4G3KI3lhkhwyAAM8GvQUafwZB6g+mdtfXFFpSHi+HvPOQZlMeMGJq2 VZzRW6qrQnhNBxXChHVhmv/VtPgj4/rr97gXqtvZey/o1XgZGFzZvaP1lodsG1iw F3abGqOEj7tjijvBmi+p5vy5oy6HUOZFoPXPwpGVj9DwvCw10SXU2tce5jxgWfDY IeTK1U4sf+6wY3D5yrc/VqG42ca3lvSIBqW1DTqixqOhGWiDV59Bn114uJhUPA/o N7GyhG5cdLMKBH1Kek3q0AN8WefQilDpyFDszYuhjtxtq/1VOyBAdAsBqryEQHgn AgMBAAGjggQJMIIEBTCBsgYIKwYBBQUHAQEEgaUwgaIwTAYIKwYBBQUHMAKGQGh0 dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci0wZjJiZjlhNS1kZDM3LTQ4YzktYTg1 Yi0xMmFjZGNiOGJlNDUwUgYIKwYBBQUHMAGGRmh0dHA6Ly9vY3NwLnN3aXNzc2ln bi5jaC9zaWduL29jcy1hYWNjY2VkNS02NmU4LTQwNjktOWIxYi1mZDI5YWI3M2Vm ZWMwbwYDVR0gBGgwZjAIBgZngQwBAgIwCAYGBACPegEHMFAGCGCFdAFZAgECMEQw QgYIKwYBBQUHAgEWNmh0dHBzOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29tL1N3 aXNzU2lnbl9DUFNfVExTLnBkZjBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3Js LnN3aXNzc2lnbi5jaC9jZHAtOTZiNjJmNWEtNmI3My00ZGE0LTg3ZjctY2U0MDAy YzFjZDM0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8E BAMCBaAwIAYDVR0RBBkwF4IVaWRlbnRpZmlrYXRpb24udWtiLmNoMB0GA1UdDgQW BBTZbSqM2R6KhU2YZi0j8DzLjTarIjAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTz XGtDbbcjtjCCAfcGCisGAQQB1nkCBAIEggHnBIIB4wHhAHcAVYHUwhaQNgFK6gub VzxT8MDkOHhwJQgXL6OqHQcT0wwAAAGNQL6rYgAABAMASDBGAiEAziiEqxcoBebQ PKD/1EE3Fe9OzdCDW+D8R2WR4mskcM4CIQCsjpuasnWltMXwcrVb7HuaOARBiUDI 9Wv5Lu6dFIIPDQB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAAB jUC+rMAAAAQDAEcwRQIhAM3R98QSollv8m6b8iToLHuGSHUNawqxBPwz3Dm0Lf63 AiAJd7Hx+kxffAK6cnvlCigyRMylrpMqiwZhxsB6FaJu+gB2AMz7D2qFcQll/pWb U87psnwi6YVcDZeNtql+VMD+TA2wAAABjUC+r7sAAAQDAEcwRQIgEty2A+sUP5y0 3A7wvbBc5o+dbq/Z6PdKXDWQ+87nOCcCIQDySdyvGhySvmNoNgnDlMYO7dLqgExD jpTY9tPso9ntdwB2AE51oydcmhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAAB jUC+sTsAAAQDAEcwRQIgM+fHI9vCJIEwRYJLmTGNKIcDFIpFFMhiHiPHifBgHscC IQCKYdzaSChuN+hHc9QYSKJ2h9FSNVb0I++V5Cjnq1g0LjANBgkqhkiG9w0BAQsF AAOCAgEAe+qz3SINCkigQNTUu0ZNFm9w+i1xTSu5HEY69SdgH9s1E+MAYCkanOyP P8T3mvFGxLDy1gbIgTpzfZQjKk2qrLP24+ELuJ3vvlYVJt122LL6EiR6coJ86ITw mPuFJlMtTCym8YQ84MnVGuO75gXBb/TzH388d18E2A/Oq8teTe20msCTpwf2/eSS 826fpVVPbCpVYMYUzf0017Xi+rih3X6SNahHvuiUSlkOs/lz/0BFwjwMAjWORZ0k BXYl4l7uQu1+SjrkmNsbawr8tty7YYGmCuBH/wFtXfMDy3CL09CDtwMlXpdyZtlo VL+rLiizBXNg//XMWYairx7nKAMLGh7txtH+vJbs6SL8HkbayhjKZDJSBJvqUCXN cYmJ5T8YrUxG9w7fZc3YpBxc+RqEtYxJIjsxIkLU8xyJadvc+/YtvHcBM6roLFUK NqRpwkPDwONj1K7MOvQr0p4GEpRJ+jbh+rN8HyMGaI6ZEOYio4JPoLYVkTiivg9x LwQdGQ7v+nEOEw7N9m87gfte5tZUtvWvxtkT+eYpTb0QuyNnyfRsfxP9ab1sG1Ip U0icwtE38VxJX303QQG6FnNYy88a5iqdf95NVBb/tL4O7UaatBElrDf3CTguSe1S pv0vX1qhfj0UoNml/Re9JnaXLM8tY1MoD+cMl3J1TYCjKUR/vMk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs57lYPbf1Jqgkdjspfy3 ifHQpWwELB8kXy2lKORZjegx3Y55kpTKeWBnTt0m3uEhY0hAdav8cVktZM8+1lYz OQs2ep3uRbyFsKlXyed1qA95cGir3VJ91mqfDBpNCqIfP0KMA8WJW6FnEi5Jz/Ax wBZGc+X1YxuylBQWQ9M53vtpXVsnQEYkVZYns3XvTUirn7sexfs4u6/9rO+9qQqh 0G2naSBazOe0kI1f4AG7rWwOWQwOE7vWd8MP8vZ58XxKtf+MbjcmaaOpuV8jDANM VuflBtArkGPqvHPmjFLlRdLT0nOxFd+19zk76dLpoe6Mnmho2nw06sP7sebgX/rB XdhzNzu2UyxFo84GLmyHN+x8ZsmqorqhjgbcojeWGSHDIAAzwa9BRp/BkHqD6Z21 9cUWlIeL4e885BmUx4wYmrZVnNFbqqtCeE0HFcKEdWGa/9W0+CPj+uv3uBeq29l7 L+jVeBkYXNm9o/WWh2wbWLAXdpsao4SPu2OKO8GaL6nm/LmjLodQ5kWg9c/CkZWP 0PC8LDXRJdTa1x7mPGBZ8Ngh5MrVTix/7rBjcPnKtz9WobjZxreW9IgGpbUNOqLG o6EZaINXn0GfXXi4mFQ8D+g3sbKEblx0swoEfUp6TerQA3xZ59CKUOnIUOzNi6GO 3G2r/VU7IEB0CwGqvIRAeCcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 150418868345882858995697958349856644086338608063 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-25 13:10:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-25 13:10:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'UR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Altdorf' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Urner Kantonalbank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'identifikation.ukb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 732788472425319121422706833673709384566747312999095576455245745720340060293736275880979057883002279325939937370421530850026726316112349406519428968654026041088035885021674217530163087431274645852657618005920192762474123185572294797385685310063213395141158074990033416978410874345170278077436510796892684159873068337276866332722546642683015496731206098815639932228366246398359803473681679722563739016104678810334933859254827227698182296489352518344216355742598192681469653268475967971289561958245529141424917978037937940121441494793597376884986343262275398711149173113074562175232191546991258926788522381696052575163114633003560000578413677712965319960274502376110956368707540412792833815200217734658420072696933726040034465708827721804429285205670474476715463709535684736942626916041727565282033022918130550005693610986629739606089491358224535523127431681120817256752898255640064862300545711163035659199787523573600818684093413057433319074799030436740643152455919223114387024992085209503664578909837997964371047935627577946440880202130472579185735434558790812916368205058949619179188214423350589131627247407954708896420207411757590749636917238384719542657000513247232409048944007427388887877368032628904440410029728256328534518167591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'identifikation.ukb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d96d2a8cd91e8a854d98662d23f03ccb8d36ab22 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e10077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018d40beab620000040300483046022100ce2884ab172805e6d03ca0ffd4413715ef4ecdd0835be0fc476591e26b2470ce022100ac8e9b9ab275a5b4c5f072b55bec7b9a3804418940c8f56bf92eee9d14820f0d007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d40beacc00000040300473045022100cdd1f7c412a2596ff26e9bf224e82c7b8648750d6b0ab104fc33dc39b42dfeb702200977b1f1fa4c5f7c02ba727be50a283244cca5ae932a8b0661c6c07a15a26efa007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018d40beafbb0000040300473045022012dcb603eb143f9cb4dc0ef0bdb05ce68f9d6eafd9e8f74a5c3590fbcee73827022100f249dcaf1a1c92be63683609c394c60eedd2ea804c438e94d8f6d3eca3d9ed770076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d40beb13b0000040300473045022033e7c723dbc224813045824b99318d288703148a4514c8621e23c789f0601ec70221008a61dcda48286e37e84773d41848a27687d1523556f423ef95e428e7ab58342e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 007beab3dd220d0a48a040d4d4bb464d166f70fa2d714d2bb91c463af527601fdb3513e30060291a9cec8f3fc4f79af146c4b0f2d606c8813a737d94232a4daaacb3f6e3e10bb89defbe561526dd76d8b2fa12247a72827ce884f098fb8526532d4c2ca6f1843ce0c9d51ae3bbe605c16ff4f31f7f3c775f04d80fceabcb5e4dedb49ac093a707f6fde492f36e9fa5554f6c2a5560c614cdfd34d7b5e2fab8a1dd7e9235a847bee8944a590eb3f973ff4045c23c0c02358e459d24057625e25eee42ed7e4a3ae498db1b6b0afcb6dcbb6181a60ae047ff016d5df303cb708bd3d083b703255e977266d96854bfab2e28b3057360fff5cc5986a2af1ee728030b1a1eedc6d1febc96ece922fc1e46daca18ca643252049bea5025cd718989e53f18ad4c46f70edf65cdd8a41c5cf91a84b58c49223b312242d4f31c8969dbdcfbf62dbc770133aae82c550a36a469c243c3c0e363d4aecc3af42bd29e06129449fa36e1fab37c1f2306688e9910e622a3824fa0b6159138a2be0f712f041d190eeffa710e130ecdf66f3b81fb5ee6d654b6f5afc6d913f9e6294dbd10bb2367c9f46c7f13fd69bd6c1b522953489cc2d137f15c495f7d374101ba167358cbcf1ae62a9d7fde4d5416ffb4be0eed469ab41125ac37f709382e49ed52a6fd2f5f5aa17e3d14a0d9a5fd17bd2676972ccf2d6353280fe70c9772754d80a329447fbcc9