twint.ukb.ch
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 5f:77:b5:fe:b2:6f:38:6f:21:f2:19:84:36:d4:eb:85:39:be:13:9c was issued on by SwissSign AG.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=twint.ukb.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 5f:77:b5:fe:b2:6f:38:6f:21:f2:19:84:36:d4:eb:85:39:be:13:9cSerial Number (int): 545023765899544818299786098179277767407052919708
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 12:d9:b5:de:86:ee:e7:b1:5e:90:85:39:bb:65:ef:13:f7:e6:dd:89
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): 00:b5:44:0d:05:f1:90:23:9d:8d:98:85:1a:42:08:c9:dd:4a:d3:a0
Fingerprint (sha256): a3:e5:e3:45:d8:ba:52:46:e5:7f:3c:f3:ab:af:80:3b:bd:64:8d:32:10:a1:1f:57:dc:4b:ed:3e:de:a5:41:38
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate twint.ukb.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for twint.ukb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
twint.ukb.ch
Other certificates including the domain name ukb.ch
(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
ukb00ncs104-e.ukb.ch
ukbhb01mx01-e.urkb.ch
fintest-wwwsec.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
ukb00ncs104-e.ukb.ch
ukbhb01mx01-e.urkb.ch
fintest-wwwsec.ukb.ch
www.ukb.ch
Certificate
The complete raw certificate details for twint.ukb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKIDCCCAigAwIBAgIUX3e1/rJvOG8h8hmENtTrhTm+E5wwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMDcyOTE0 NTUxMloXDTIzMDcyOTE0NTUxMlowFzEVMBMGA1UEAxMMdHdpbnQudWtiLmNoMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLRteaGaAD5RTW5iI4umvqnh +7Zw59MgFhrmbTr5D+082cJ5AD7sSxUzo/KSOkwYhbUW2Cq9ah5dvmUt0ABDzEwu ugDNWenuSPH4GdKvtKXPZlwhXeNr+O6tKiKMxy7wEAdZ0PxvOcygnr/g9Or6Jjj/ FQ74BioGSbxVftnNMASoRykVNk1LH1LP6qT2Id/OznBfjGKb5SUn2+Kz9rnrz1yW ZI6Hz/qlXz3meqUygGjH7A484Vgna6shLmgNdJJ6+OZmxO39frTpDh4pXLY2nLeN AzQhvATCOkGfHM3ZnQXnFw57nyB5OiueUHs1K0LDrj3PXaNxagpAwXItyTIgHQID AQABo4IGKTCCBiUwFwYDVR0RBBAwDoIMdHdpbnQudWtiLmNoMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBLZ td6G7uexXpCFObtl7xP35t2JMB8GA1UdIwQYMBaAFDyeUnkDY29PnIEb0yhwDCRa 6qWHMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5l dC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3MIGooIGl oIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPTNDOUU1Mjc5 MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODclMkNPPVN3aXNzU2lnbiUy Q0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNz PWNSTERpc3RyaWJ1dGlvblBvaW50MG8GA1UdIARoMGYwUAYIYIV0AVkCAQEwRDBC BggrBgEFBQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dp c3NTaWduX0NQU19UTFMucGRmMAgGBgQAj3oBBjAIBgZngQwBAgEwgcYGCCsGAQUF BwEBBIG5MIG2MGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2kt YmluL2F1dGhvcml0eS9kb3dubG9hZC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMy ODcwMEMyNDVBRUFBNTg3ME4GCCsGAQUFBzABhkJodHRwOi8vb2NzcC5zd2lzc3Np Z24ubmV0LzNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODcw ggNdBgorBgEEAdZ5AgQCBIIDTQSCA0kDRwB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4 cCUIFy+jqh0HE9MMAAABgkp0UgYAAAQDAEcwRQIhAPYk3020X8dc5IFVsE6h43jq NjQzq91P/y3iXPMbv+ViAiA+BpseWeXzKyLo1oQ/2NF99K7JOt7Geb8048YjXf3B oQB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABgkp0T8EAAAQD AEgwRgIhALRRWqFZEkQg3p8CMIyLRyVB5e5+bq09OPJGjYycBiZOAiEA4RjFXdiB ZE1kKeXTkDWKgmmLcA3d1E0iBz7QitytkAoAdgB6MoxU2LcttiDqOOBSHumEFnAy E4VNO9IrwTpXo1LrUgAAAYJKdE+mAAAEAwBHMEUCIQDfn79+NS/42p9gs0jN9dqy R04HqTcQwSw6ZODolSThaAIgLm5hzMbIS8y9Lv3j1/buQdQDYhxL1BGFUX+VU20W 9MwAdgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYJKdE88AAAE AwBHMEUCIGhkv4D3NcCMZmS1NUAZtdz8ewh0+7nFXwrddRKZwqL1AiEAt0/dFyYi h+/RW+7WlP+L+W42/EQEuBZzo72YUYzjX0MAdQCzc3cH4YRQ+GOG1gWp3BEJSnkt sWcMC4fc8AMOeTalmgAAAYJKdFDqAAAEAwBGMEQCIEzvRjgPNFYtQI4c11w80nCs kb39mtN3wZazLRBmJ5K1AiALaJhg8Sf+plXt5kTtR0RFdf+YCH23yU0xj9bWx3lZ SAB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABgkp0UR4AAAQD AEcwRQIgI0Mw8vW3g5tXyr94c/EjIlhEXJ/GwR7OS19PIXQJ2+ECIQDfNWVeauAt WXH8xCaDQZc7qg/llSZAYRS6cqpiswZJjgB1AOh+p2YLwmz2AC71cl0/4OMxuTk7 uS+/WOs7kEna9UNaAAABgkp0UpUAAAQDAEYwRAIgElTYh2gOB7EdCPBgZkf0mOt8 gmNXQiWFdBBqSYJtRwgCIHboEoNYNoesZsojX/PNCpe8w5GfTwhzIcgbsf1yQCrT MA0GCSqGSIb3DQEBCwUAA4ICAQBgRgte2aJ7PeX3FSoJkDPSJXkqN3g4S4Mpu4Rr J5mYWoDmanYe+aYXdNV3jSnxNcygKlY9iW/1BC1yrGjNlojiPzPClO/KXtfxNdNL oIsch0GgnuWIffyjht/z9TWvSu5xo3sxw3QQ7wTawezcGU+LJQKTqL2eX89FLhDF zIUYUCwwhkPYwSP7sSbZ2dDnN1wlDMSsOJwPuuygJD47KS7gu/xn/wFeYIzisYMP qvxhsdrf/SWTm12IZSBSM1MpBEFiKw0RhrtrUI9e2QcLMP9L+LoxvYx8EN0OAkrh zTnJIGHY/Ndfh9nly0kLkfHbOEAa1bTlaRLZBl0BXmHgtiqjYZgCR3uFxMLuQCvY 5rRs/zamGYtUCVgwOfJI6fAfVUcO1HLm8UYZj9PcDYcwWt3fiUrGuYH8O8BBjdME kHfUD0pu/oIuVoBN+xXLh5+S4tnN09COItd6d9azLj/ilK7ohL30o7H8Rr/Vxi1n vbeYbi06PjGDutxk2AF41ksmre+QdZrW1BgC1Azo/3VJE3h30RFbQdQYVnqNJpIH j72rY30d1Gg0UPXITzgXzs5moFVPSPbMvUGjWg3a9oUju84p6ViPJIQS9SIpCSWN FIp/07AHCITruaQPS28fRv3vA+IpBB7UrkA47g34EMwQHx2kvNQpfLQMT4LMpsSY woVYHA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLRteaGaAD5RTW5iI4um vqnh+7Zw59MgFhrmbTr5D+082cJ5AD7sSxUzo/KSOkwYhbUW2Cq9ah5dvmUt0ABD zEwuugDNWenuSPH4GdKvtKXPZlwhXeNr+O6tKiKMxy7wEAdZ0PxvOcygnr/g9Or6 Jjj/FQ74BioGSbxVftnNMASoRykVNk1LH1LP6qT2Id/OznBfjGKb5SUn2+Kz9rnr z1yWZI6Hz/qlXz3meqUygGjH7A484Vgna6shLmgNdJJ6+OZmxO39frTpDh4pXLY2 nLeNAzQhvATCOkGfHM3ZnQXnFw57nyB5OiueUHs1K0LDrj3PXaNxagpAwXItyTIg HQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 545023765899544818299786098179277767407052919708 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-29 14:55:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-29 14:55:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'twint.ukb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25336633177151621713648737071965494980675627272689794704772490580941444363063177764006095229732537232733816764840255209955825045092643703674747984919208320641459506157914583497990097699288898970545185751345405710458271629701046771640652772502647441041702338575582228795556139328249973272000026769088519992671182652229670042659751341333183474936598722808258203193838256418181208704952473789468504904122488544077475281535006083673672419657651489359837631281411990991631229910414788834285387152952385237257658131055560323056171662120833316764086067294049696717350839592714205223947015330661669203573445888781687280771101 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twint.ukb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 12d9b5de86eee7b15e908539bb65ef13f7e6dd89 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (845 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (841 bytes) 03470076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001824a7452060000040300473045022100f624df4db45fc75ce48155b04ea1e378ea363433abdd4fff2de25cf31bbfe56202203e069b1e59e5f32b22e8d6843fd8d17df4aec93adec679bf34e3c6235dfdc1a10077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d913000001824a744fc10000040300483046022100b4515aa159124420de9f02308c8b472541e5ee7e6ead3d38f2468d8c9c06264e022100e118c55dd881644d6429e5d390358a82698b700dddd44d22073ed08adcad900a0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001824a744fa60000040300473045022100df9fbf7e352ff8da9f60b348cdf5dab2474e07a93710c12c3a64e0e89524e16802202e6e61ccc6c84bccbd2efde3d7f6ee41d403621c4bd41185517f95536d16f4cc007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001824a744f3c000004030047304502206864bf80f735c08c6664b5354019b5dcfc7b0874fbb9c55f0add751299c2a2f5022100b74fdd17262287efd15beed694ff8bf96e36fc4404b81673a3bd98518ce35f43007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001824a7450ea000004030046304402204cef46380f34562d408e1cd75c3cd270ac91bdfd9ad377c196b32d10662792b502200b689860f127fea655ede644ed47444575ff98087db7c94d318fd6d6c7795948007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001824a74511e00000403004730450220234330f2f5b7839b57cabf7873f1232258445c9fc6c11ece4b5f4f217409dbe1022100df35655e6ae02d5971fcc4268341973baa0fe59526406114ba72aa62b306498e007500e87ea7660bc26cf6002ef5725d3fe0e331b9393bb92fbf58eb3b9049daf5435a000001824a745295000004030046304402201254d887680e07b11d08f0606647f498eb7c82635742258574106a49826d4708022076e81283583687ac66ca235ff3cd0a97bcc3919f4f087321c81bb1fd72402ad3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0060460b5ed9a27b3de5f7152a099033d225792a3778384b8329bb846b2799985a80e66a761ef9a61774d5778d29f135cca02a563d896ff5042d72ac68cd9688e23f33c294efca5ed7f135d34ba08b1c8741a09ee5887dfca386dff3f535af4aee71a37b31c37410ef04dac1ecdc194f8b250293a8bd9e5fcf452e10c5cc8518502c308643d8c123fbb126d9d9d0e7375c250cc4ac389c0fbaeca0243e3b292ee0bbfc67ff015e608ce2b1830faafc61b1dadffd25939b5d886520523353290441622b0d1186bb6b508f5ed9070b30ff4bf8ba31bd8c7c10dd0e024ae1cd39c92061d8fcd75f87d9e5cb490b91f1db38401ad5b4e56912d9065d015e61e0b62aa3619802477b85c4c2ee402bd8e6b46cff36a6198b5409583039f248e9f01f55470ed472e6f146198fd3dc0d87305adddf894ac6b981fc3bc0418dd3049077d40f4a6efe822e56804dfb15cb879f92e2d9cdd3d08e22d77a77d6b32e3fe294aee884bdf4a3b1fc46bfd5c62d67bdb7986e2d3a3e3183badc64d80178d64b26adef90759ad6d41802d40ce8ff7549137877d1115b41d418567a8d2692078fbdab637d1dd4683450f5c84f3817cece66a0554f48f6ccbd41a35a0ddaf68523bbce29e9588f248412f5222909258d148a7fd3b0070884ebb9a40f4b6f1f46fdef03e229041ed4ae4038ee0df810cc101f1da4bcd4297cb40c4f82cca6c498c285581c