rpcon1-c2b05e14.scdemo.ch

- Swisscom (Schweiz) AG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 6a:a2:a6:e2:d9:a7:d7:75:83:8f:e8:8e:ca:b5:10:e4:a3:5e:bd:aa was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Swisscom (Schweiz) AG

Organization: Swisscom (Schweiz) AG
State / Province: BE
Locality: Bern
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 6a:a2:a6:e2:d9:a7:d7:75:83:8f:e8:8e:ca:b5:10:e4:a3:5e:bd:aa
Serial Number (int): 608780280262082505539856490510762424203267194282
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: dd:75:4f:0e:4b:6b:66:21:62:fa:71:56:33:6f:36:30:f0:13:42:17
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): 11:b4:a3:49:61:c3:79:6b:cf:cc:72:9a:d7:25:02:d1:51:9e:36:79
Fingerprint (sha256): a8:19:6b:00:e4:c8:04:e6:72:63:f1:d6:0f:fa:c0:94:94:fc:fc:46:83:7c:4b:51:72:4b:ed:96:a1:77:53:95

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate rpcon1-c2b05e14.scdemo.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rpcon1-c2b05e14.scdemo.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rpcon1-c2b05e14.scdemo.ch

Other certificates including the domain name scdemo.ch

(limited to 100 certificates)
rpcon1-36af53fc.scdemo.ch
rpcon1-84811399.scdemo.ch
rpcon1-4312103a.scdemo.ch
rpcon1-bc811bb5.scdemo.ch
rpcon1-a4a13ad0.scdemo.ch
rpcon1-3ffebb0e.scdemo.ch
rpcon1-0769efc5.scdemo.ch
rpcon1-16016b52.scdemo.ch
rpcon1-8dd997d1.scdemo.ch
rpcon1-348ed950.scdemo.ch
osballure5.scdemo.ch
rpcon1-5df24b88.scdemo.ch
rpcon1-57d6e8a6.scdemo.ch
rpcon1-e0ebddb3.scdemo.ch
rpcon1-cbc34369.scdemo.ch
rpcon1-e57d6b06.scdemo.ch
multi-domain-test3.pre.scdemo.ch
rpcon1-57155bd6.scdemo.ch
rpcon1-5681ac08.scdemo.ch
rpcon1-632088f7.scdemo.ch
rpcon1-443711df.scdemo.ch
rpcon1-0b012653.scdemo.ch
rpcon1-846755d0.scdemo.ch
rpcon1-0e22c92b.scdemo.ch
rpcon1-e859b947.scdemo.ch
rpcon1-4cc52bf1.scdemo.ch
rpcon1-b46472b2.scdemo.ch
rpcon1-d598abd5.scdemo.ch
rpcon1-d301a838.scdemo.ch
rpcon1-b44488b3.scdemo.ch
rpcon1-c259abb8.scdemo.ch
rpcon1-cadf82c4.scdemo.ch
mstunnel.scdemo.ch
rpcon1-cfbfb5d8.scdemo.ch
rpcon1-e31eaeed.scdemo.ch
rpcon1-2bfc0ec5.scdemo.ch
rpcon1-1f0e08b2.scdemo.ch
rpcon1-3c85dc73.scdemo.ch
rpcon1-3678e44f.scdemo.ch
rpcon1-3b9ca0ae.scdemo.ch
rpcon1-0b09b67c.scdemo.ch
rpcon1-495b405b.scdemo.ch
rpcon1-b0adb689.scdemo.ch
rpcon1-0c38886a.scdemo.ch
rpcon1-724bfb2d.scdemo.ch
rpcon1-89f30bee.scdemo.ch
rpcon1-1260c5be.scdemo.ch
rpcon1-1b42718d.scdemo.ch
rpcon1-a877a97b.scdemo.ch
rpcon1-ab510632.scdemo.ch
rpcon1-78708c89.scdemo.ch
rpcon1-a618b744.scdemo.ch
rpcon1-73049f7b.scdemo.ch
rpcon1-411b7569.scdemo.ch
rpcon1-b1ce55e6.scdemo.ch
rpcon1-c44203f0.scdemo.ch
demorptaarogi3.scdemo.ch
rpcon1-ab07434f.scdemo.ch
rpcon1-deced996.scdemo.ch
rpcon1-e57d6b06.scdemo.ch
rpcon1-07270737.scdemo.ch
wirkshop.scdemo.ch
rpcon1-c7e24c2d.scdemo.ch
rpcon1-a61dff60.scdemo.ch
rpcon1-2b2d3878.scdemo.ch
rpcon1-5401497c.scdemo.ch
rpcon1-210f79d7.scdemo.ch
rpcon1-e5aa0f07.scdemo.ch
rpcon1-e17683da.scdemo.ch
rpcon1-8995d448.scdemo.ch
rpcon1-20ad482c.scdemo.ch
rpcon1-389022b5.scdemo.ch
rpcon1-f1ca450a.scdemo.ch
rpcon1-89f30bee.scdemo.ch
rpcon1-9b6a3e10.scdemo.ch
rpcon1-ec07d92f.scdemo.ch
rpcon1-8848ad58.scdemo.ch
rpcon1-3af12958.scdemo.ch
rpcon1-88a56b11.scdemo.ch
rpcon1-1fe34f0a.scdemo.ch
rpcon1-f3237e72.scdemo.ch
rpcon1-9029d29a.scdemo.ch
rpcon1-0769efc5.scdemo.ch
rpcon1-49768824.scdemo.ch
rpcon1-8590ddd5.scdemo.ch
rpcon1-32058b95.scdemo.ch
rpcon1-222c624f.scdemo.ch
rpcon1-4991f0d1.scdemo.ch
rpcon1-5a573283.scdemo.ch
rpcon1-af4051c9.scdemo.ch
rctestwed.scdemo.ch
cadcrobottest99.scdemo.ch
cadcrobottest99.scdemo.ch
rpcon1-9d45654a.scdemo.ch
rpcon1-4ea84f0e.scdemo.ch
rpcon1-1e67b715.scdemo.ch
rpcon1-57155bd6.scdemo.ch
profile.pre.scdemo.ch
rpcon1-af86dd8b.scdemo.ch
osballurefp7.scdemo.ch

Certificate

The complete raw certificate details for rpcon1-c2b05e14.scdemo.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHdDCCBVygAwIBAgIUaqKm4tmn13WDj+iOyrUQ5KNevaowDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDYxMTIz
NDA0OVoXDTI1MDYxMTIzNDA0OVowbTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAkJF
MQ0wCwYDVQQHDARCZXJuMR4wHAYDVQQKDBVTd2lzc2NvbSAoU2Nod2VpeikgQUcx
IjAgBgNVBAMTGXJwY29uMS1jMmIwNWUxNC5zY2RlbW8uY2gwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQDb3KRe43s2/ytIw5CIzRQaJEKL3hj953FAeRYk
Nu3I6rmAlpybQiIpCsS2sRixpL5X7HAI6V0FJ1+TGOvywIu3te/w/Q0eHWQFhEqi
bjBvHqoE7/IViQa3E2Elqh2pXYHIgZtaDV75bq8mifX8RewnxSFjtLG7Dgio2gXQ
0EDHxhMnSVoI5Vkzc1lziBWB9YCjwd+oimr0Aie3TEb3cKreI0BSJXAHJAJHOTkq
FDeKevxtgfq1Kd8IfTyNAtaxQyFK8s2f5dT3QAWLKHt7PnXELnmAp2my+qSIGzVi
Iv0k5gF7FSsEn5rzFaUH/53P2V50VY0USiyQvDMuOS6zHN/To/Dr6Y2wX9Lyyx2y
ybs3q4c5VnzM9mmtjCuQgijVRFExRfBkdnoso2hHNj7aJEJMu5kTxmr3fdG44El1
5onqPbIMHPf3CMrnoI6l4lxoDu3iGItwpW4ynkA9JTk0102r6IQm5ozdqjBz29q1
CD+lcc1tJ1rVOqYBs5djak3bOotZEY3Pq43MmEBeBwSvGdd0pruyVPvb0RzRHxZv
XTCo7VID308RiXSzIZKFjp9wEWBASKwnsxgxehTZsMzJNN7P82jx11tm7LbdmIn9
mxGplAN0ykoJWkhj3ZSEkVvTz7PeChkSUxjsV8NzTmN6w22wkt1UsjPjzlhfz23/
/nvnewIDAQABo4ICJzCCAiMwgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAC
hkBodHRwOi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMGYyYmY5YTUtZGQzNy00OGM5
LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lz
c3NpZ24uY2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFi
NzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EMAQICMAgGBgQAj3oBBzBQBghghXQBWQIB
AjBEMEIGCCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNv
bS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDov
L2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNl
NDAwMmMxY2QzNDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0P
AQH/BAQDAgWgMCQGA1UdEQQdMBuCGXJwY29uMS1jMmIwNWUxNC5zY2RlbW8uY2gw
HQYDVR0OBBYEFN11Tw5La2YhYvpxVjNvNjDwE0IXMB8GA1UdIwQYMBaAFHxvCm8T
D9mMJG8mNPNca0NttyO2MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEB
CwUAA4ICAQBkbbgskOdbO1DrFDZsrLQ5ZjWYDyvRmh9lFTQitzF1aX6oNLh8CBpY
jHG+J5ZGbWNeq/bScs76p/Wc77t5tt2Os5TU+P4NgNoUVf0tNMGbSkept7F5cl47
eBlUQAHnbnK1wJ2KT0LFmk0Z8eKGRU00XCcKAMOK62XsqzZLeeynTyvho1NIfn1/
ftjU6zEWUi627Mu+1mz5tVjSv+atk88bCanKiSfBXW8XZ1yBSVx5S9PnIDXSQ0P7
M95g8lLtAXTSB9NZTmHNd99U/UyzVhiK4tmBN2pRafArsalJV5x5MDF9BormM5kj
2dGJCQJOhdAzSgvborXn4LHt+wfLRmGaIohZLzw5SgysC0dDB6ltJi32l0Unj2Vc
EXwdCzYy//6PDTuLla1k0k2/H5oqkHd9ue3julocsCH1aT8s08X7nWbRyY6hDEEk
w3OfbTFqr12NgZLPbfG4klqrz8jU0B4ArW1vUiBb/PZU7iIkFH8ZAu4fVbFRU61G
Gg6JEvgiJ7dBgOhVUqLs9mYVadkrx1BD/L0AV8DDqOkJdvG1aIfbnUgIo2zPtzKM
CBAFh/ltD/nj1Ik64TNYZxhAcxOXwIFnUrDafnouby1YTSUUZt9RyHKmKxRmDMS4
4zmprtaoNtFncIPCWymXJT4PXoSGYefdxxIqR0KAi0NddmeVoVJ2VA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA29ykXuN7Nv8rSMOQiM0U
GiRCi94Y/edxQHkWJDbtyOq5gJacm0IiKQrEtrEYsaS+V+xwCOldBSdfkxjr8sCL
t7Xv8P0NHh1kBYRKom4wbx6qBO/yFYkGtxNhJaodqV2ByIGbWg1e+W6vJon1/EXs
J8UhY7Sxuw4IqNoF0NBAx8YTJ0laCOVZM3NZc4gVgfWAo8HfqIpq9AInt0xG93Cq
3iNAUiVwByQCRzk5KhQ3inr8bYH6tSnfCH08jQLWsUMhSvLNn+XU90AFiyh7ez51
xC55gKdpsvqkiBs1YiL9JOYBexUrBJ+a8xWlB/+dz9ledFWNFEoskLwzLjkusxzf
06Pw6+mNsF/S8ssdssm7N6uHOVZ8zPZprYwrkIIo1URRMUXwZHZ6LKNoRzY+2iRC
TLuZE8Zq933RuOBJdeaJ6j2yDBz39wjK56COpeJcaA7t4hiLcKVuMp5APSU5NNdN
q+iEJuaM3aowc9vatQg/pXHNbSda1TqmAbOXY2pN2zqLWRGNz6uNzJhAXgcErxnX
dKa7slT729Ec0R8Wb10wqO1SA99PEYl0syGShY6fcBFgQEisJ7MYMXoU2bDMyTTe
z/No8ddbZuy23ZiJ/ZsRqZQDdMpKCVpIY92UhJFb08+z3goZElMY7FfDc05jesNt
sJLdVLIz485YX89t//5753sCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 608780280262082505539856490510762424203267194282
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-11 23:40:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-11 23:40:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bern'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Swisscom (Schweiz) AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rpcon1-c2b05e14.scdemo.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 896958227161257111497364001214440029369886026563085202792818949756612741923034159361294526369280402962235831385554595498806982408376337554720538179037207252000150750883218889478342560015184463312306115444181999535346397479395754745172598823931745658748778669091369423945775648600037014089606096692172249374099991657096752633048585765171641913328878465509644646146701559005897055162382177637566931635231184117313904527830372191652788705966614111381396183528463877944620329297586218008940834650802036616797836399753250348398417601447450450812720942361357483913743239988142517922641873129063367913892104494150862668251794713045514285897682506277541767825289766111932106328280833693049920325860795250352930821257980138228128704764217626287238852030701793275046432671367846783914846386337427646395706641904472827128636933071212596143508368500457857202959198562207932156177911974307334450527437503301393309708948240718163672090291193991517668039319685257069108777702528854895535051258894374529448577517404246891111167726810629010224967061128608983103822238637345659071125670065957309688884576100097261376253657035032827896509328300357009934293886080110351924691919230842770794150097404025771085171741017708213332104013400590669297011648379
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rpcon1-c2b05e14.scdemo.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dd754f0e4b6b662162fa7156336f3630f0134217
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00646db82c90e75b3b50eb14366cacb4396635980f2bd19a1f65153422b73175697ea834b87c081a588c71be2796466d635eabf6d272cefaa7f59cefbb79b6dd8eb394d4f8fe0d80da1455fd2d34c19b4a47a9b7b179725e3b7819544001e76e72b5c09d8a4f42c59a4d19f1e286454d345c270a00c38aeb65ecab364b79eca74f2be1a353487e7d7f7ed8d4eb3116522eb6eccbbed66cf9b558d2bfe6ad93cf1b09a9ca8927c15d6f17675c81495c794bd3e72035d24343fb33de60f252ed0174d207d3594e61cd77df54fd4cb356188ae2d981376a5169f02bb1a949579c7930317d068ae6339923d9d18909024e85d0334a0bdba2b5e7e0b1edfb07cb46619a2288592f3c394a0cac0b474307a96d262df69745278f655c117c1d0b3632fffe8f0d3b8b95ad64d24dbf1f9a2a90777db9ede3ba5a1cb021f5693f2cd3c5fb9d66d1c98ea10c4124c3739f6d316aaf5d8d8192cf6df1b8925aabcfc8d4d01e00ad6d6f52205bfcf654ee2224147f1902ee1f55b15153ad461a0e8912f82227b74180e85552a2ecf6661569d92bc75043fcbd0057c0c3a8e90976f1b56887db9d4808a36ccfb7328c08100587f96d0ff9e3d4893ae13358671840731397c0816752b0da7e7a2e6f2d584d251466df51c872a62b14660cc4b8e339a9aed6a836d1677083c25b2997253e0f5e848661e7ddc7122a4742808b435d766795a1527654