eportal.sg.ch

- Kanton St. Gallen -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 31:cf:fa:18:19:80:98:6e:df:0c:82:51:f9:56:e5:15:4a:86:2a:53 was issued on by SwissSign AG.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Kanton St. Gallen

Organization: Kanton St. Gallen
State / Province: SG
Locality: Sankt Gallen
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 31:cf:fa:18:19:80:98:6e:df:0c:82:51:f9:56:e5:15:4a:86:2a:53
Serial Number (int): 284378588298622127444809988892225292943028005459
Serial Number lenght: 158 bits, 20 octets

SubjectKeyId: 67:bc:58:81:68:f8:aa:ae:fe:10:7e:25:f9:86:05:0f:99:94:88:04
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 84:5a:b0:f2:23:03:a3:89:47:44:7b:ec:ff:8d:fb:58:1e:13:9c:ca
Fingerprint (sha256): a4:a4:af:b2:2c:50:17:19:3d:32:ae:e9:b5:ca:02:40:00:e9:72:72:23:16:8c:33:6b:43:77:5b:32:88:b7:cd

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate eportal.sg.ch

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for eportal.sg.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

backoffice.eportal.sg.ch
eportal.sg.ch
apis.eportal.sg.ch
www.eportal.sg.ch

Other certificates including the domain name sg.ch

(limited to 100 certificates)
pk.stadt.sg.ch
efiling.sg.ch
sg.ch
www.dlz.stadt.sg.ch
int-sspr.sg.ch
www.informatik.sg.ch
ratsinfo.sg.ch
kesb.sg.ch
ristest.sg.ch
tpp.sg.ch
pk.stadt.sg.ch
geothermie.stadt.sg.ch
geothermie.stadt.sg.ch
efj.sg.ch
mca.kapo.sg.ch
bussen.kapo.sg.ch
www.osm.sg.ch
www.dlz.stadt.sg.ch
bussen.kapo.sg.ch
klosterplatz.sg.ch
feweb03.stadt.sg.ch
connet.sg.ch
*.sg.ch
bussen.stadt.sg.ch
webgis.stadt.sg.ch
azalee.sg.ch
sync.gevi.sg.ch
serviceportal.sg.ch
hydrodaten.sg.ch
teamraum.sg.ch
eportal.sg.ch
access.stadt.sg.ch
lage.sg.ch
neu.ratsinfo.sg.ch
www.gerichte.sg.ch
bussen.stadt.sg.ch
planon.sg.ch
workbench.sg.ch
www.egov.sg.ch
www.os.auslaenderamt.sg.ch
ofpg.ch
stada.sg.ch
test.ratsinfo.sg.ch
azalee.sg.ch
*.spint.sg.ch
*.stva.sg.ch
www.psychiatrie-nord.sg.ch
checkpoint.sg.ch
*.osm.sg.ch
www.gerichte.sg.ch
access.stadt.sg.ch
FEWeb01.qusy.stadt.sg.ch
www.kpdw.sg.ch
kesb.sg.ch
vpn.kapo.sg.ch
www.kapo.sg.ch
psychiatrie-nord.sg.ch
access.stadt.sg.ch
ratsinfo.sg.ch
jobs.sg.ch
outlook.sg.ch
payment.kapo.sg.ch
*.icn.sg.ch
gever.sg.ch
connector02.stadt.sg.ch
itkosten.stadt.sg.ch
checkpoint.sg.ch
abacus.sg.ch
mail.stadt.sg.ch
webtransfer.sg.ch
efoerderportal.sg.ch
intranet.geodienste.sg.ch
psychiatrie-nord.sg.ch
bussen-test.kapo.sg.ch
connector01.stadt.sg.ch
teamraumtest.sg.ch
m.bahnhofplatz.stadt.sg.ch
extern.groupware.sg.ch
*.apps.sg.ch
daten.stadt.sg.ch
*.stva.sg.ch
checkpoint.sg.ch
pk.stadt.sg.ch
*.kb.ezproxy4.sg.ch
m.stadt.sg.ch
*.move-apps.sg.ch
psychiatrie-nord.sg.ch
*.apps.sg.ch
www.efj.sg.ch
psychiatrie-nord.sg.ch
bussen.kapo.sg.ch
adfs.edu.stadt.sg.ch
www.wab.sg.ch
www.wab.sg.ch
ftp.geodaten.sg.ch
sync.gevi.sg.ch
kodasa.sg.ch
websync.stadt.sg.ch
r1.stadt.sg.ch
sjd.sg.ch

Certificate

The complete raw certificate details for eportal.sg.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGoTCCBImgAwIBAgIUMc/6GBmAmG7fDIJR+VblFUqGKlMwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDUxNDE0
MzEzOFoXDTI1MDUxNDE0MzEzOFowZTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlNH
MRUwEwYDVQQHDAxTYW5rdCBHYWxsZW4xGjAYBgNVBAoMEUthbnRvbiBTdC4gR2Fs
bGVuMRYwFAYDVQQDEw1lcG9ydGFsLnNnLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw5yU3vKil9Yi+ThRhqJk+98CGoePUsNXdwJnUH+8nZOeOk/l
MYI42S7O1LATdNvn1Kh6tLnMkUGDFTZ/nowsLociAf2hlsjBF617bbx1hkl7SYyx
Xztz295NLlCx6j+1OaPRp7V0EY8Xsxl4GJw2Deku43m6AL0IGAHqUO6l8ufRy7Ss
GfQTECgIoC4ruaLlbz00J7vPHhofP0aTzIzLCXHwQPxwlr0usxXRcB4wa1Fwpe5J
vml7qHtQVwMbjyHUSz2HVAMNTqlGoIlQDMHx9F8fnbHQnr9URXEOO0PYB7WQ/V1n
uyOzN/+d9u0ALA9cs+fQXuxwh9mSDphPkiHrFQIDAQABo4ICXDCCAlgwgbIGCCsG
AQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRwOi8vYWlhLnN3aXNzc2lnbi5j
aC9haXItMGYyYmY5YTUtZGQzNy00OGM5LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsG
AQUFBzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24uY2gvc2lnbi9vY3MtYWFjY2Nl
ZDUtNjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EM
AQICMAgGBgQAj3oBBzBQBghghXQBWQIBAjBEMEIGCCsGAQUFBwIBFjZodHRwczov
L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYw
UQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2
YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNlNDAwMmMxY2QzNDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMFkGA1UdEQRSMFCCGGJh
Y2tvZmZpY2UuZXBvcnRhbC5zZy5jaIINZXBvcnRhbC5zZy5jaIISYXBpcy5lcG9y
dGFsLnNnLmNoghF3d3cuZXBvcnRhbC5zZy5jaDAdBgNVHQ4EFgQUZ7xYgWj4qq7+
EH4l+YYFD5mUiAQwHwYDVR0jBBgwFoAUfG8KbxMP2YwkbyY081xrQ223I7YwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggIBAKX/3NxMLOE1ypiI
LY4JxqLO1WFhebghYO6TSSacfwyJjVhArYVolgb5SfyMWGgXuO003z4a4FcqvNh/
zQMP1nerAnGsILBu3L8442OOlMSNhPd+tXbX385+px9LeB2b1mRaiOIibfyG2Y0L
ObVkQmLwxGNXJwuKVsyurd+ESe4BfujSTKkNfb8ac1oqODICHlrE9pkdP8UP+ic/
DlHMZO5GoroHc5BijN6dYjlqQwecNMWSO8TIfrVC/eCEV4ZhcI/8n8kjTpLQR/oQ
Ij1mFEWgG8S7RNCbQAM9ha4lrhQU5rXpBttmRzAUUJZj55wSlTg6AbkNt5WSsV98
l/aEqKo8TXARzKid6WmFmm0YYXiZqxSzimldzqJCIkQQpHe5JpTpl66T+QQOMyPY
/jR04cjkkdZMV7EQHTnp3kUax9ZROEvvr3kPJHGHLaKyOhg2LLA3UNFHFgXzjy8x
sxLf67XAxOHr38Vxer3+plX3zKqh4civnnyoYvMaKVQSJ7jL317SRLTxYYFSRrNK
IDTfsOVK3wa9IFjOf0p8kXb7d4hmd4x1ke14YNczrU2rPT0Lwp+nfZQnL8KcFasf
W4TD8gP+eQpdKksBlBUG9ykSlr7q4KDEVOpEf2RMTx/sbmP8F/Kr1u1u3xiSKL0S
LvMO3Ft9pRqUvDKH0wNk8jLueYmd
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5yU3vKil9Yi+ThRhqJk
+98CGoePUsNXdwJnUH+8nZOeOk/lMYI42S7O1LATdNvn1Kh6tLnMkUGDFTZ/nows
LociAf2hlsjBF617bbx1hkl7SYyxXztz295NLlCx6j+1OaPRp7V0EY8Xsxl4GJw2
Deku43m6AL0IGAHqUO6l8ufRy7SsGfQTECgIoC4ruaLlbz00J7vPHhofP0aTzIzL
CXHwQPxwlr0usxXRcB4wa1Fwpe5Jvml7qHtQVwMbjyHUSz2HVAMNTqlGoIlQDMHx
9F8fnbHQnr9URXEOO0PYB7WQ/V1nuyOzN/+d9u0ALA9cs+fQXuxwh9mSDphPkiHr
FQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 284378588298622127444809988892225292943028005459
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 14:31:38 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-14 14:31:38 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Sankt Gallen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Kanton St. Gallen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'eportal.sg.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24693682697078848988730037597328376925080154538223279302520947214925993241507864592375636626798810500148338043173615167270318776085513543353352916213819764606478232732087480553613001047128631804427361436654802761939973264109990035611457638756012605280019599841752877262544736952221163968255698183078535694821552206324671995260284733380253681969527839874648097735359155205275848939318273008721238143690604490518454815698914468673935626569461122120033942451756341204186746385592525818501909507921760265059536626117295763357168494104854986975311229274210834918719917394007612988116657189236773970191885883618032395348757
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'backoffice.eportal.sg.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eportal.sg.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apis.eportal.sg.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eportal.sg.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							67bc588168f8aaaefe107e25f986050f99948804
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00a5ffdcdc4c2ce135ca98882d8e09c6a2ced5616179b82160ee9349269c7f0c898d5840ad85689606f949fc8c586817b8ed34df3e1ae0572abcd87fcd030fd677ab0271ac20b06edcbf38e3638e94c48d84f77eb576d7dfce7ea71f4b781d9bd6645a88e2226dfc86d98d0b39b5644262f0c46357270b8a56ccaeaddf8449ee017ee8d24ca90d7dbf1a735a2a3832021e5ac4f6991d3fc50ffa273f0e51cc64ee46a2ba077390628cde9d62396a43079c34c5923bc4c87eb542fde084578661708ffc9fc9234e92d047fa10223d661445a01bc4bb44d09b40033d85ae25ae1414e6b5e906db66473014509663e79c1295383a01b90db79592b15f7c97f684a8aa3c4d7011cca89de969859a6d18617899ab14b38a695dcea242224410a477b92694e997ae93f9040e3323d8fe3474e1c8e491d64c57b1101d39e9de451ac7d651384befaf790f2471872da2b23a18362cb03750d1471605f38f2f31b312dfebb5c0c4e1ebdfc5717abdfea655f7ccaaa1e1c8af9e7ca862f31a29541227b8cbdf5ed244b4f161815246b34a2034dfb0e54adf06bd2058ce7f4a7c9176fb778866778c7591ed7860d733ad4dab3d3d0bc29fa77d94272fc29c15ab1f5b84c3f203fe790a5d2a4b01941506f7291296beeae0a0c454ea447f644c4f1fec6e63fc17f2abd6ed6edf189228bd122ef30edc5b7da51a94bc3287d30364f232ee79899d