rpcon1-efd0021d.scdemo.ch

- Swisscom (Schweiz) AG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 6d:b7:a8:b5:30:a2:bd:17:81:4c:21:be:53:29:17:57:d5:c0:58:a9 was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Swisscom (Schweiz) AG

Organization: Swisscom (Schweiz) AG
State / Province: BE
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 6d:b7:a8:b5:30:a2:bd:17:81:4c:21:be:53:29:17:57:d5:c0:58:a9
Serial Number (int): 626375726910922491714049274757001351067640813737
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 0e:2e:d3:c5:b7:96:10:0e:30:1f:46:24:7f:a1:1b:da:57:0b:66:85
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): df:87:7f:99:5c:36:ac:76:dc:ae:b6:d5:65:ec:52:bd:19:c1:2c:60
Fingerprint (sha256): a6:cb:a6:c4:41:3b:58:9c:ac:3d:9d:2d:9c:14:25:e3:11:ff:cf:cd:90:33:58:0e:28:c3:c2:30:f6:64:24:2c

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate rpcon1-efd0021d.scdemo.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rpcon1-efd0021d.scdemo.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rpcon1-efd0021d.scdemo.ch

Other certificates including the domain name scdemo.ch

(limited to 100 certificates)
rpcon1-36af53fc.scdemo.ch
rpcon1-84811399.scdemo.ch
rpcon1-4312103a.scdemo.ch
rpcon1-bc811bb5.scdemo.ch
rpcon1-3ffebb0e.scdemo.ch
rpcon1-0769efc5.scdemo.ch
rpcon1-16016b52.scdemo.ch
rpcon1-8dd997d1.scdemo.ch
rpcon1-348ed950.scdemo.ch
osballure5.scdemo.ch
rpcon1-5df24b88.scdemo.ch
rpcon1-57d6e8a6.scdemo.ch
rpcon1-e57d6b06.scdemo.ch
multi-domain-test3.pre.scdemo.ch
rpcon1-57155bd6.scdemo.ch
rpcon1-5681ac08.scdemo.ch
rpcon1-846755d0.scdemo.ch
rpcon1-4cc52bf1.scdemo.ch
rpcon1-b46472b2.scdemo.ch
rpcon1-d598abd5.scdemo.ch
rpcon1-d301a838.scdemo.ch
rpcon1-b44488b3.scdemo.ch
rpcon1-c259abb8.scdemo.ch
mstunnel.scdemo.ch
rpcon1-e31eaeed.scdemo.ch
rpcon1-2bfc0ec5.scdemo.ch
rpcon1-1f0e08b2.scdemo.ch
rpcon1-3678e44f.scdemo.ch
rpcon1-0b09b67c.scdemo.ch
rpcon1-1b42718d.scdemo.ch
rpcon1-73049f7b.scdemo.ch
rpcon1-b1ce55e6.scdemo.ch
demorptaarogi3.scdemo.ch
rpcon1-e57d6b06.scdemo.ch
rpcon1-c7e24c2d.scdemo.ch
rpcon1-a61dff60.scdemo.ch
rpcon1-2b2d3878.scdemo.ch
rpcon1-5401497c.scdemo.ch
rpcon1-e17683da.scdemo.ch
rpcon1-8995d448.scdemo.ch
rpcon1-20ad482c.scdemo.ch
rpcon1-389022b5.scdemo.ch
rpcon1-8848ad58.scdemo.ch
rpcon1-3af12958.scdemo.ch
rpcon1-1fe34f0a.scdemo.ch
rpcon1-f3237e72.scdemo.ch
rpcon1-9029d29a.scdemo.ch
rpcon1-0769efc5.scdemo.ch
rpcon1-49768824.scdemo.ch
rpcon1-8590ddd5.scdemo.ch
rpcon1-32058b95.scdemo.ch
rpcon1-4991f0d1.scdemo.ch
rpcon1-5a573283.scdemo.ch
rpcon1-af4051c9.scdemo.ch
cadcrobottest99.scdemo.ch
cadcrobottest99.scdemo.ch
rpcon1-9d45654a.scdemo.ch
rpcon1-4ea84f0e.scdemo.ch
rpcon1-57155bd6.scdemo.ch
profile.pre.scdemo.ch
rpcon1-af86dd8b.scdemo.ch
osballurefp7.scdemo.ch
rpcon1-0bc570e1.scdemo.ch
rpcon1-47e9509d.scdemo.ch
rpcon1-56e595d7.scdemo.ch
rpcon1-f092a09e.scdemo.ch
rpcon1-a9057f85.scdemo.ch
rpcon1-c6d3ec68.scdemo.ch
rpcon1-ed6232d8.scdemo.ch
rpcon1-c218c23f.scdemo.ch
rpcon1-6ccff72d.scdemo.ch
rpcon1-39e38855.scdemo.ch
rpcon1-7d403714.scdemo.ch
rpcon1-b516b4dd.scdemo.ch
rpcon1-4a726306.scdemo.ch
rpcon1-42b392bd.scdemo.ch
rpcon1-35a90852.scdemo.ch
rpcon1-81437157.scdemo.ch
rpcon1-3f0ce8a4.scdemo.ch
rpcon1-b7b4c475.scdemo.ch
rpcon1-0b2aa633.scdemo.ch
mytestcadcvega01.scdemo.ch
rpcon1-a4bb3805.scdemo.ch
rpcon1-9ccc837a.scdemo.ch
rpcon1-1fe34f0a.scdemo.ch
rpcon1-27a85de1.scdemo.ch
rpcon1-edba4e8b.scdemo.ch
rpcon1-fc574931.scdemo.ch
rpcon1-9d45654a.scdemo.ch
rpcon1-b4fbdab6.scdemo.ch
cadcrobottest99.scdemo.ch
rpcon1-0a212484.scdemo.ch
rpcon1-a48afda0.scdemo.ch
rpcon1-f92c4173.scdemo.ch
rpcon1-523c5d85.scdemo.ch
rpcon1-561c1685.scdemo.ch
test-profile.scdemo.ch
rpcon1-28c22228.scdemo.ch
rpcon1-ea8ff807.scdemo.ch
rpcon1-79708238.scdemo.ch

Certificate

The complete raw certificate details for rpcon1-efd0021d.scdemo.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHdDCCBVygAwIBAgIUbbeotTCivReBTCG+UykXV9XAWKkwDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDUxNDE0
NDIxOFoXDTI1MDUxNDE0NDIxOFowbTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF
MQ0wCwYDVQQHDARCZXJuMR4wHAYDVQQKDBVTd2lzc2NvbSAoU2Nod2VpeikgQUcx
IjAgBgNVBAMTGXJwY29uMS1lZmQwMDIxZC5zY2RlbW8uY2gwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQC04ePyztNgDpmNEpLjvgs/E81ihtxsjPtlw1QT
0jnWYtu4rtL49Pj3v+TNJzksr5Cm+m8BOyeHtnBo94ZTD6jIOafKmShUJgk+zBCk
PbLqS7JK0FLMrf67Np0jiVLL8tAga8m6SVEdkOTycMVoFADYsahh1Ku7GMFUyLQX
5hnIR89JA5OyDxSsrXpsDQ8Dm0nwo8TzrFZd1TAZ2B1YA5EvKCAwTFQV/qOHQOhs
DXqHz3xG3wrBztjkXijb3moQHmm1tG0oSlKzcGWOerTEWqpZJva8HpqYvFqfymBQ
DiwiuME00HBv4ixvJhraCf+hPJcqVmdBbgMLJNoEvYp/Ga3D3dFVpHOz5VUyKpjf
fqyOdvTqMrg6MzGH4z0tYorMkSbkFOaTDL2RXC55nJQfvES/KI+nIYN6sMoIU67f
p/ORD6oTm8HQG+/Hs70/CbJpvkvjUhDddDMNQoyIlrLyzbghz/SP+oOMcHtw6TVy
dq/4TUdhqmrcqHx5OPRAtYQE/pQeRq5VpnPDs6BbBYHZ0B/srlZ/H1POjENR/9CP
dj6kuUvy/5+AkmJ9AXzgFNBaSUc3mYX5ZZB4GSXIFvlUAI42CFcT+N6gwTSK1kTx
5VVP9frEjTgiJM/HdZbod89V2GfM48GtZJhtw5ov9ZZxSkj7TnE3VJVzBjv1T3Ys
NvzV5wIDAQABo4ICJzCCAiMwgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAC
hkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5YTUtZGQzNy00OGM5
LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lz
c3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFi
NzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oBBzBQBghghXQBWQIB
AjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv
bS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDov
L2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNl
NDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P
AQH/BAQDAgWgMCQGA1UdEQQdMBuCGXJwY29uMS1lZmQwMDIxZC5zY2RlbW8uY2gw
HQYDVR0OBBYEFA4u08W3lhAOMB9GJH+hG9pXC2aFMB8GA1UdIwQYMBaAFHxvCm8T
D9mMJG8mNPNca0NttyO2MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEB
CwUAA4ICAQCJnGFUYHCdF6bCbw5NnB+7hLnS1jtuw4YJUBKmcvIJ3gJJe6iug0c3
un8rg3mIV79rcgLtDbqd+gEsBz0XthbL4Zv62f6BdPYHmDBLo4SVNNsOfmy0Yz5A
ayy6J04x5I1RTC7RjaMFcrJ1k+HGwmenEIhEqcoicgwNXr8mokJhkgatOjCDU3We
W1U2G/S5yJjjXDy5qN8pb2DoH/Fcxu1NScBHSAh2yt6P9zD3hfXhaP65S5l8RgIr
2RmgSx7xeUBtM1CJKOw+VbJzJ0ZkMuNhJh/zZF2zz/77ro7pbdd71dN85Dp1ldr+
lIhFFdR+UzHb6h/mnn+dUztBzvwXJatGsRho7/nHysH4/2PijYCWMqq5TfrbS8f6
iiMgU2jumqMYUDXdB6Kmashfx9AEc1g6OfPL44P9F2ThwCv64g5yl4JRQ6l3DC7/
0Bh8k7MrDjpCs3MzLKPFHkp6r1t95gDWU2BkmksCVjSAfPf7bSV6kiVB8z4TWy1H
BQLr/os2KG9wrTzDJkiWirNO+MvD4aFIAOp88608PZLI7L4SacFD8kcz2DUHteK/
VxTy37VxydDk03+JiSV0O/5LiMxzKqIUwYOGjD0U5F62DoC+1rDLjycXHMYw2Jy7
y9kLV1/HVAxvepGb6YdaDul/ubTv7JUNTipNzo1JHuF0uxVIiWDG/Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtOHj8s7TYA6ZjRKS474L
PxPNYobcbIz7ZcNUE9I51mLbuK7S+PT497/kzSc5LK+QpvpvATsnh7ZwaPeGUw+o
yDmnypkoVCYJPswQpD2y6kuyStBSzK3+uzadI4lSy/LQIGvJuklRHZDk8nDFaBQA
2LGoYdSruxjBVMi0F+YZyEfPSQOTsg8UrK16bA0PA5tJ8KPE86xWXdUwGdgdWAOR
LyggMExUFf6jh0DobA16h898Rt8Kwc7Y5F4o295qEB5ptbRtKEpSs3Bljnq0xFqq
WSb2vB6amLxan8pgUA4sIrjBNNBwb+IsbyYa2gn/oTyXKlZnQW4DCyTaBL2Kfxmt
w93RVaRzs+VVMiqY336sjnb06jK4OjMxh+M9LWKKzJEm5BTmkwy9kVwueZyUH7xE
vyiPpyGDerDKCFOu36fzkQ+qE5vB0Bvvx7O9Pwmyab5L41IQ3XQzDUKMiJay8s24
Ic/0j/qDjHB7cOk1cnav+E1HYapq3Kh8eTj0QLWEBP6UHkauVaZzw7OgWwWB2dAf
7K5Wfx9TzoxDUf/Qj3Y+pLlL8v+fgJJifQF84BTQWklHN5mF+WWQeBklyBb5VACO
NghXE/jeoME0itZE8eVVT/X6xI04IiTPx3WW6HfPVdhnzOPBrWSYbcOaL/WWcUpI
+05xN1SVcwY79U92LDb81ecCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 626375726910922491714049274757001351067640813737
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 14:42:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-14 14:42:18 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Swisscom (Schweiz) AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rpcon1-efd0021d.scdemo.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 737935746802566343375781797177838610259539362746287913570278708075655089991455465270714369905501060158401261340644281927443247475075419235907686483102988457164882323929834675071592212154792360603277469194675202281181320423523169709240736744006956593357015930262442607785978885361408717281725454170465513043297102202406340189354017687852215158307638482510773601761003026410472943524246731546719236666362904892558302038519771575790615115173252098199136949465063474591532141490689579856458221724653127688485531604797840833117773170771140080791756538463453690229999987590016626920292514328319532008841168857420923140200373109830791385317628025058562836267395087350621696814976469879378652573472497695320576353632767104124172971003374756134386569699240198893117063304192354763044222631633387518802757770548939955792094577143585569046692080673331597237365400324094906261922343942814838865251452957114167018941165228502581604220235199741186819939081791857012012379126765606389126531439689559521907557807057614033718425738135192207335735758811916863606917680927330512593226322006239969449500795967905726107752801996539069860722553557600881972109967972114587943469634710072224824149831101294882391996608062801953504336003424960804177414247911
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rpcon1-efd0021d.scdemo.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0e2ed3c5b796100e301f46247fa11bda570b6685
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00899c615460709d17a6c26f0e4d9c1fbb84b9d2d63b6ec386095012a672f209de02497ba8ae834737ba7f2b83798857bf6b7202ed0dba9dfa012c073d17b616cbe19bfad9fe8174f60798304ba3849534db0e7e6cb4633e406b2cba274e31e48d514c2ed18da30572b27593e1c6c267a7108844a9ca22720c0d5ebf26a242619206ad3a308353759e5b55361bf4b9c898e35c3cb9a8df296f60e81ff15cc6ed4d49c047480876cade8ff730f785f5e168feb94b997c46022bd919a04b1ef179406d33508928ec3e55b27327466432e361261ff3645db3cffefbae8ee96dd77bd5d37ce43a7595dafe94884515d47e5331dbea1fe69e7f9d533b41cefc1725ab46b11868eff9c7cac1f8ff63e28d809632aab94dfadb4bc7fa8a23205368ee9aa3185035dd07a2a66ac85fc7d00473583a39f3cbe383fd1764e1c02bfae20e7297825143a9770c2effd0187c93b32b0e3a42b373332ca3c51e4a7aaf5b7de600d65360649a4b025634807cf7fb6d257a922541f33e135b2d470502ebfe8b36286f70ad3cc32648968ab34ef8cbc3e1a14800ea7cf3ad3c3d92c8ecbe1269c143f24733d83507b5e2bf5714f2dfb571c9d0e4d37f898925743bfe4b88cc732aa214c183868c3d14e45eb60e80bed6b0cb8f27171cc630d89cbbcbd90b575fc7540c6f7a919be9875a0ee97fb9b4efec950d4e2a4dce8d491ee174bb15488960c6fd