www.privasphere.com
- PrivaSphere AG -
Issued by DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1
About this certificate
This digital certificate with serial number 0c:ad:6f:ad:59:71:ff:9d:1e:0f:c7:59:d7:89:4e:f9 was issued on by DigiCert Ireland Limited.
With 26 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
PrivaSphere AG
Organization:
PrivaSphere AG
Locality:
Zürich
Country: CH
Country: CH
DigiCert Ireland Limited
Organization:
DigiCert Ireland Limited
Country:
IE
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:ad:6f:ad:59:71:ff:9d:1e:0f:c7:59:d7:89:4e:f9Serial Number (int): 16851268387565617551203207095962390265
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 24:b5:7a:6e:92:c7:77:54:ff:88:f8:04:7f:83:23:e9:d8:8e:32:2e
AuthorityKeyId: 18:89:e7:af:f0:28:f6:7c:ca:68:05:52:e1:62:d8:91:d6:16:65:60
Fingerprint (sha1): 70:fa:03:c0:c8:10:b4:8a:bc:65:53:f9:08:ec:8a:eb:0c:95:55:a5
Fingerprint (sha256): 9c:ea:2c:c5:78:b6:e2:60:b9:27:27:6b:87:a0:18:31:98:24:da:31:c9:72:14:fa:66:ab:df:ac:f0:f4:c0:36
Issuing Certificate URL: http://cacerts.digicert.eu/DigiCertG2TLSEURSA4096SHA3842022CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.euCRL Distribution Point: http://crl.digicert.eu/DigiCertG2TLSEURSA4096SHA3842022CA1.crl
Check the revocation status for certificate www.privasphere.com
26
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.privasphere.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.privasphere.com
p4u.ch
www.p4u.ch
www.zh.privasphere.com
vrfy5210.privasphere.com
large.privasphere.com
jusphere.privasphere.com
eeg.lu.ch
ees.lu.ch
securemail.lu.ch
secmail.tg.ch
erv.tg.ch
securemail.holcim.com
securemail.ar.ch
securemail.zg.ch
securemail.bekb.ch
securemail.ifrc.org
secmail.ukb.ch
erv.sh.ch
securemail.bav.admin.ch
securemail.blw.admin.ch
sec-data-exchange.oak-bv.admin.ch
securemail.ba.admin.ch
secmail.bvger.ch
secmail.ti.ch
securemail.mme.ch
p4u.ch
www.p4u.ch
www.zh.privasphere.com
vrfy5210.privasphere.com
large.privasphere.com
jusphere.privasphere.com
eeg.lu.ch
ees.lu.ch
securemail.lu.ch
secmail.tg.ch
erv.tg.ch
securemail.holcim.com
securemail.ar.ch
securemail.zg.ch
securemail.bekb.ch
securemail.ifrc.org
secmail.ukb.ch
erv.sh.ch
securemail.bav.admin.ch
securemail.blw.admin.ch
sec-data-exchange.oak-bv.admin.ch
securemail.ba.admin.ch
secmail.bvger.ch
secmail.ti.ch
securemail.mme.ch
Other certificates including the domain name privasphere.com
(limited to 100 certificates)
git.privasphere.com
crm.privasphere.com
crm.privasphere.com
bugs.privasphere.com
www-dev.privasphere.com
www-dev.privasphere.com
crm.privasphere.com
crl-dev.privasphere.com
bugs.privasphere.com
typo3.privasphere.com
git.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
typo3.privasphere.com
*.privasphere.com
bugs.privasphere.com
www.privasphere.com
crm.privasphere.com
bugs.privasphere.com
bugs.privasphere.com
crl-dev.privasphere.com
typo3.privasphere.com
www.privasphere.com
git.privasphere.com
tickets.privasphere.com
www.privasphere.com
crm.privasphere.com
crl-dev.privasphere.com
tickets.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
www.privasphere.com
typo3.privasphere.com
typo3.privasphere.com
www.privasphere.com
crm.privasphere.com
tickets.privasphere.com
tickets.privasphere.com
www.privasphere.com
tickets.privasphere.com
*.privasphere.com
smtp.privasphere.com
bugs.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
tickets.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
www-dev.privasphere.com
www.privasphere.com
www.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
crm.privasphere.com
puppet.privasphere.com
www.privasphere.com
tickets.privasphere.com
typo3.privasphere.com
tickets.privasphere.com
typo3.privasphere.com
typo3.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
www-dev.privasphere.com
git.privasphere.com
www.privasphere.com
bugs.privasphere.com
crm.privasphere.com
crl-dev.privasphere.com
puppet.privasphere.com
www.privasphere.com
www.privasphere.com
git.privasphere.com
git.privasphere.com
tickets.privasphere.com
crl-dev.privasphere.com
tickets.privasphere.com
crl-dev.privasphere.com
bugs.privasphere.com
bugs.privasphere.com
typo3.privasphere.com
*.privasphere.com
www.privasphere.com
www.privasphere.com
crm.privasphere.com
typo3.privasphere.com
crm.privasphere.com
typo3.privasphere.com
bugs.privasphere.com
tickets.privasphere.com
bugs.privasphere.com
tickets.privasphere.com
bugs.privasphere.com
crm.privasphere.com
crm.privasphere.com
crm.privasphere.com
bugs.privasphere.com
www-dev.privasphere.com
www-dev.privasphere.com
crm.privasphere.com
crl-dev.privasphere.com
bugs.privasphere.com
typo3.privasphere.com
git.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
typo3.privasphere.com
*.privasphere.com
bugs.privasphere.com
www.privasphere.com
crm.privasphere.com
bugs.privasphere.com
bugs.privasphere.com
crl-dev.privasphere.com
typo3.privasphere.com
www.privasphere.com
git.privasphere.com
tickets.privasphere.com
www.privasphere.com
crm.privasphere.com
crl-dev.privasphere.com
tickets.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
www.privasphere.com
typo3.privasphere.com
typo3.privasphere.com
www.privasphere.com
crm.privasphere.com
tickets.privasphere.com
tickets.privasphere.com
www.privasphere.com
tickets.privasphere.com
*.privasphere.com
smtp.privasphere.com
bugs.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
tickets.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
www-dev.privasphere.com
www.privasphere.com
www.privasphere.com
www.privasphere.com
crl-dev.privasphere.com
crm.privasphere.com
puppet.privasphere.com
www.privasphere.com
tickets.privasphere.com
typo3.privasphere.com
tickets.privasphere.com
typo3.privasphere.com
typo3.privasphere.com
www.privasphere.com
typo3.privasphere.com
www.privasphere.com
www-dev.privasphere.com
git.privasphere.com
www.privasphere.com
bugs.privasphere.com
crm.privasphere.com
crl-dev.privasphere.com
puppet.privasphere.com
www.privasphere.com
www.privasphere.com
git.privasphere.com
git.privasphere.com
tickets.privasphere.com
crl-dev.privasphere.com
tickets.privasphere.com
crl-dev.privasphere.com
bugs.privasphere.com
bugs.privasphere.com
typo3.privasphere.com
*.privasphere.com
www.privasphere.com
www.privasphere.com
crm.privasphere.com
typo3.privasphere.com
crm.privasphere.com
typo3.privasphere.com
bugs.privasphere.com
tickets.privasphere.com
bugs.privasphere.com
tickets.privasphere.com
bugs.privasphere.com
crm.privasphere.com
Certificate
The complete raw certificate details for www.privasphere.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKXjCCCEagAwIBAgIQDK1vrVlx/50eD8dZ14lO+TANBgkqhkiG9w0BAQsFADBl MQswCQYDVQQGEwJJRTEhMB8GA1UEChMYRGlnaUNlcnQgSXJlbGFuZCBMaW1pdGVk MTMwMQYDVQQDEypEaWdpQ2VydCBHMiBUTFMgRVUgUlNBNDA5NiBTSEEzODQgMjAy MiBDQTEwHhcNMjQwMjI5MDAwMDAwWhcNMjUwMjI4MjM1OTU5WjBWMQswCQYDVQQG EwJDSDEQMA4GA1UEBwwHWsO8cmljaDEXMBUGA1UEChMOUHJpdmFTcGhlcmUgQUcx HDAaBgNVBAMTE3d3dy5wcml2YXNwaGVyZS5jb20wggIiMA0GCSqGSIb3DQEBAQUA A4ICDwAwggIKAoICAQCsIrbtZzCQ/2gQQ/u/zF6XYSOifcKl1Mq+wMos2HU2Omix ydvQWTQpqROMy3KZ7hqVYEc5R5w9J/+t8lfJMncjxnzdHF0QHkIYQ2VYHltHrzHN r8jlX5WFUPXBt7Jd+m9hfRc4jL3Bbz9LMACuJ+jigqEZnM6J1EnSG61tIoIvzYK9 72jZMFCDms8tiKBG+98M8tkyTUF+BDSJLeB0glzXVMF0+dsI/0Br1XcpCh20Ouom wGZ4UYXJUnlaVGeTUUYgNgiG/5wmGQdBy91lixM5af+jjPQaoeoTM5f14hOlnAh0 FBAveLq/1MME6vpZiVmuAgl+mPBxo7Caj4NQ0SMs4btvl6oTaOTBgd3vOksm1Gjx 97TTlQkLF9rLMD29mU80AOWtuS7WyqsnpjPuk1LgKcRq4Tz2URsXAJBXtrA8l663 0I88FhhtBbDvPVvnXLf47aLpLFY+YjbHQ3mxsoxrSB5lypUy0CbAiNpd3s4VInoa sj+c4ibu2xolaHvVRF2klCfbgalbejMkxx4tnZais2XNqr1LUz3KIMXQHn4rQIeh wzTzL2y903ng++aWkA0TwFDlBzWLVKbS/jfqaX8yOcwgGhBCxRn69+EUdycBan6R fevMEcqo7XJqzOUi6HTyjRCo/hrtI85ADVDNZXFh8TtRMlanHyNoKhRmAUPG9QID AQABo4IFFzCCBRMwHwYDVR0jBBgwFoAUGInnr/Ao9nzKaAVS4WLYkdYWZWAwHQYD VR0OBBYEFCS1em6Sx3dU/4j4BH+DI+nYjjIuMIIB+wYDVR0RBIIB8jCCAe6CE3d3 dy5wcml2YXNwaGVyZS5jb22CBnA0dS5jaIIKd3d3LnA0dS5jaIIWd3d3LnpoLnBy aXZhc3BoZXJlLmNvbYIYdnJmeTUyMTAucHJpdmFzcGhlcmUuY29tghVsYXJnZS5w cml2YXNwaGVyZS5jb22CGGp1c3BoZXJlLnByaXZhc3BoZXJlLmNvbYIJZWVnLmx1 LmNoggllZXMubHUuY2iCEHNlY3VyZW1haWwubHUuY2iCDXNlY21haWwudGcuY2iC CWVydi50Zy5jaIIVc2VjdXJlbWFpbC5ob2xjaW0uY29tghBzZWN1cmVtYWlsLmFy LmNoghBzZWN1cmVtYWlsLnpnLmNoghJzZWN1cmVtYWlsLmJla2IuY2iCE3NlY3Vy ZW1haWwuaWZyYy5vcmeCDnNlY21haWwudWtiLmNoggllcnYuc2guY2iCF3NlY3Vy ZW1haWwuYmF2LmFkbWluLmNoghdzZWN1cmVtYWlsLmJsdy5hZG1pbi5jaIIhc2Vj LWRhdGEtZXhjaGFuZ2Uub2FrLWJ2LmFkbWluLmNoghZzZWN1cmVtYWlsLmJhLmFk bWluLmNoghBzZWNtYWlsLmJ2Z2VyLmNogg1zZWNtYWlsLnRpLmNoghFzZWN1cmVt YWlsLm1tZS5jaDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhto dHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBPBgNVHR8ESDBGMESgQqBAhj5odHRw Oi8vY3JsLmRpZ2ljZXJ0LmV1L0RpZ2lDZXJ0RzJUTFNFVVJTQTQwOTZTSEEzODQy MDIyQ0ExLmNybDCBgwYIKwYBBQUHAQEEdzB1MCMGCCsGAQUFBzABhhdodHRwOi8v b2NzcC5kaWdpY2VydC5ldTBOBggrBgEFBQcwAoZCaHR0cDovL2NhY2VydHMuZGln aWNlcnQuZXUvRGlnaUNlcnRHMlRMU0VVUlNBNDA5NlNIQTM4NDIwMjJDQTEuY3J0 MAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB2AE51oydc mhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjfU3cKkAAAQDAEcwRQIhANIK 4x58YEftW3/huwDgW+P7doB0DYiTazRCrTGc8VjgAiAXUn8xQIezv0/BSJmqa7kU sw1E3O10BP/qqTJBrweQmwB1AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0e N45QAAABjfU3cV0AAAQDAEYwRAIgI8nIzrvGL4XhG5DH8EDPzY7ooSlp5vvjcehR Xvtto9wCIDLlJgM8/1ateDBP5YN4nxEJjUKxV2vfdIIPsHGQJFD0AHUAzxFW7tUu fK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGN9TdwaQAABAMARjBEAiBWvoQy 5Yn3X3NYAPOQ2ddA9GxCQRlg6WL3TUPWO2wSZQIgHKOiL34HAVnYMim6s3bnnGae 1HhPie2472+uXmsntu0wDQYJKoZIhvcNAQELBQADggIBAD2x8WHFvpQfCFLjeURQ AH4QGIQ5v/s06O8+mUsuA3VgayYqXmJ3J6hsSiYnzVCvjnUggKguUbUpJHZXjOZa XNlOXJQHeWDW7jJGKiXPtzng74w/5icUk9NpLuxSM9I8LX38k2r/DsfoFfEz0Nxq 83BOLY8vq1Nku3HTQ2x4efg+A5vUW+9FxijkD2hvaCe5RORwbPgIMwbIXmJmGsYm lW++2HvydUBihD2KYzXicBNFeUxpyqfVyAQ90Hv6Rk9UBmOW0NXZRNh95QB3f1/2 NeUocegCZ5gmZuMv0HDRZiL8pZOZi3hqUsDl0nCxtTVl6FmhYlI2PJOvaHPSJ4Hz eP2dXNaWD99nyo3w0qM9fiTIWTkgejDW3kw1VbAAJbZm9eKoOvU2BBszOjwzZsz1 LX49htRr0Zifup59YHEkkmW96aqEvK5Fjhm5VSX1CP4x6T7WrC2OUGR17HzOPDso sSIui2UG0fT4C1yCyw1I9szQFf4ZWZXWYZ95dJZAte83DgainRiWvIFaWPpVOIgC vjbOAXqZVhrozGNmAQ/mLC4U5jCmoNvERgXXaw561lnVcMcnDJVLFMI//BrL83nz zYw2jqSsH45xtc90ZwcbHicsrk9wRzef0VubNoquW0EgULNMcw0ArT7S2MOtqyu6 HKbQc66qmeGT9Jyd5rsY75lu -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArCK27WcwkP9oEEP7v8xe l2Ejon3CpdTKvsDKLNh1Njposcnb0Fk0KakTjMtyme4alWBHOUecPSf/rfJXyTJ3 I8Z83RxdEB5CGENlWB5bR68xza/I5V+VhVD1wbeyXfpvYX0XOIy9wW8/SzAArifo 4oKhGZzOidRJ0hutbSKCL82Cve9o2TBQg5rPLYigRvvfDPLZMk1BfgQ0iS3gdIJc 11TBdPnbCP9Aa9V3KQodtDrqJsBmeFGFyVJ5WlRnk1FGIDYIhv+cJhkHQcvdZYsT OWn/o4z0GqHqEzOX9eITpZwIdBQQL3i6v9TDBOr6WYlZrgIJfpjwcaOwmo+DUNEj LOG7b5eqE2jkwYHd7zpLJtRo8fe005UJCxfayzA9vZlPNADlrbku1sqrJ6Yz7pNS 4CnEauE89lEbFwCQV7awPJeut9CPPBYYbQWw7z1b51y3+O2i6SxWPmI2x0N5sbKM a0geZcqVMtAmwIjaXd7OFSJ6GrI/nOIm7tsaJWh71URdpJQn24GpW3ozJMceLZ2W orNlzaq9S1M9yiDF0B5+K0CHocM08y9svdN54PvmlpANE8BQ5Qc1i1Sm0v436ml/ MjnMIBoQQsUZ+vfhFHcnAWp+kX3rzBHKqO1yaszlIuh08o0QqP4a7SPOQA1QzWVx YfE7UTJWpx8jaCoUZgFDxvUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16851268387565617551203207095962390265 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Ireland Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zürich' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PrivaSphere AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.privasphere.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 702251994733489176432685924746767406160813743217509452754690696794093357303455684824806082296809158523012760026084575459654501777509951849371738235966697754797579775873984685081454616866748685389677731220487443150572820802661689177559251495426490969688283484000192731764014321481454105989879649331685377868689348307209588204598957616219903643037396412760817208705679247733241101693386161654079546437515907556475644012479542546479812979247826158577583527299520276867132054286569888363449840626952570148102288554884909333113910316273311806354930463674460522059866774248947929169463976390665126629801459662518526122258180127790164665718715654658325599831991689388142386602470496317262838997230068393826395656104209597185592640220917266199401477876257465649719800300977666561572345879556645557648975075209333696429619457608425668936478872650952404207248678084605324419698910979199550407442401605085042079546141907615097350910243171337776497914043929914935537158293600031669406300628055903292788880310530490579243363851191054350548778388565908214127030347563771777776082063004929366978061545352361542250048066147363353757778547772225233527236370482063828036333820378128460259111402946358635589055713950113318331658089586463278748271888117 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1889e7aff028f67cca680552e162d891d6166560 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 24b57a6e92c77754ff88f8047f8323e9d88e322e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (498 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privasphere.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p4u.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.p4u.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zh.privasphere.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vrfy5210.privasphere.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'large.privasphere.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jusphere.privasphere.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eeg.lu.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ees.lu.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.lu.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secmail.tg.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erv.tg.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.holcim.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.ar.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.zg.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.bekb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.ifrc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secmail.ukb.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erv.sh.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.bav.admin.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.blw.admin.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sec-data-exchange.oak-bv.admin.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.ba.admin.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secmail.bvger.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secmail.ti.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'securemail.mme.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.digicert.eu/DigiCertG2TLSEURSA4096SHA3842022CA1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.eu/DigiCertG2TLSEURSA4096SHA3842022CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 01660076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018df53770a90000040300473045022100d20ae31e7c6047ed5b7fe1bb00e05be3fb7680740d88936b3442ad319cf158e0022017527f314087b3bf4fc14899aa6bb914b30d44dced7404ffeaa93241af07909b007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018df537715d0000040300463044022023c9c8cebbc62f85e11b90c7f040cfcd8ee8a12969e6fbe371e8515efb6da3dc022032e526033cff56ad78304fe583789f11098d42b1576bdf74820fb071902450f4007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018df53770690000040300463044022056be8432e589f75f735800f390d9d740f46c42411960e962f74d43d63b6c126502201ca3a22f7e070159d83229bab376e79c669ed4784f89edb8ef6fae5e6b27b6ed . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 003db1f161c5be941f0852e3794450007e10188439bffb34e8ef3e994b2e0375606b262a5e627727a86c4a2627cd50af8e752080a82e51b5292476578ce65a5cd94e5c94077960d6ee32462a25cfb739e0ef8c3fe6271493d3692eec5233d23c2d7dfc936aff0ec7e815f133d0dc6af3704e2d8f2fab5364bb71d3436c7879f83e039bd45bef45c628e40f686f6827b944e4706cf8083306c85e62661ac626956fbed87bf2754062843d8a6335e2701345794c69caa7d5c8043dd07bfa464f54066396d0d5d944d87de500777f5ff635e52871e80267982666e32fd070d16622fca593998b786a52c0e5d270b1b53565e859a16252363c93af6873d22781f378fd9d5cd6960fdf67ca8df0d2a33d7e24c85939207a30d6de4c3555b00025b666f5e2a83af536041b333a3c3366ccf52d7e3d86d46bd1989fba9e7d6071249265bde9aa84bcae458e19b95525f508fe31e93ed6ac2d8e506475ec7cce3c3b28b1222e8b6506d1f4f80b5c82cb0d48f6ccd015fe195995d6619f79749640b5ef370e06a29d1896bc815a58fa55388802be36ce017a99561ae8cc6366010fe62c2e14e630a6a0dbc44605d76b0e7ad659d570c7270c954b14c23ffc1acbf379f3cd8c368ea4ac1f8e71b5cf7467071b1e272cae4f7047379fd15b9b368aae5b412050b34c730d00ad3ed2d8c3adab2bba1ca6d073aeaa99e193f49c9de6bb18ef996e