eroeffnung.ukb.ch
- Urner Kantonalbank -
Issued by SwissSign RSA TLS OV ICA 2022 - 1
About this certificate
This digital certificate with serial number 71:d8:29:04:a3:72:66:a7:de:50:98:a7:89:2b:30:0f:e1:6b:cb:fc was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Urner Kantonalbank
Organization:
Urner Kantonalbank
State / Province:
UR
Locality: Altdorf
Country: CH
Locality: Altdorf
Country: CH
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 71:d8:29:04:a3:72:66:a7:de:50:98:a7:89:2b:30:0f:e1:6b:cb:fcSerial Number (int): 649936491248087317951283415893046008183616424956
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 5e:37:d8:58:bc:44:ac:c1:b9:13:c0:36:fd:5e:5e:2c:e4:82:a1:a2
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6
Fingerprint (sha1): 4c:67:4b:41:1a:93:55:da:cf:6c:f4:ed:66:50:6b:62:7d:45:fd:7c
Fingerprint (sha256): b3:ce:17:71:f2:3c:c8:99:38:dd:e0:5e:b0:b7:98:01:50:4d:0b:be:e2:f6:e1:67:6e:18:7a:d7:da:14:01:e8
Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34
Check the revocation status for certificate eroeffnung.ukb.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for eroeffnung.ukb.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
eroeffnung.ukb.ch
Other certificates including the domain name ukb.ch
(limited to 100 certificates)
www.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
fintest-wwwsec.ukb.ch
gast.ukb.ch
fintest-dev-wwwsec.ukb.ch
www.privasphere.com
twint-test.ukb.ch
www.ukb.ch
fintest-e-banking.ukb.ch
ukb00ncs104-e.ukb.ch
satellite-test.ukb.ch
identifikation-test.ukb.ch
gast.ukb.ch
twint-test.ukb.ch
fintest-e-banking.ukb.ch
dialog.sbb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ot.ukb.ch
ssl.ukb.ch
ot.ukb.ch
ukb00ucc114.ukb.ch
securemail.ukb.ch
eroeffnung-test.ukb.ch
satellite.ukb.ch
www.privasphere.com
ukb00ncs106-e.ukb.ch
securemail.ukb.ch
www.privasphere.com
gast.ukb.ch
www.ukb.ch
autodiscover.ukb.ch
ot.ukb.ch
autodiscover.ukb.ch
eroeffnung-test.ukb.ch
dialog.sbb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-e-banking.ukb.ch
www.privasphere.com
www.ukb.ch
wwwsec.ukb.ch
www.ukb.ch
ssl.ukb.ch
ukb00ncs104-e.ukb.ch
gast.ukb.ch
wwwsec.ukb.ch
ukb00ucc114.ukb.ch
www.ukb.ch
eroeffnung.ukb.ch
wwwsec.ukb.ch
wwwsec.urkb.ch
ukb00ucc114.ukb.ch
twint.ukb.ch
www.privasphere.com
www.ukb.ch
identifikation-test.ukb.ch
twint-test.ukb.ch
www.privasphere.com
dialog.sbb.ch
gast.ukb.ch
dialog.sbb.ch
ukbhb01mx01-e.urkb.ch
ukb00ucc114.ukb.ch
fintest-dev-wwwsec.ukb.ch
ssl.ukb.ch
identifikation.ukb.ch
satellite-test.ukb.ch
fintest-dev-wwwsec.ukb.ch
fintest-wwwsec.ukb.ch
wwwsec.ukb.ch
www.privasphere.com
ssl.ukb.ch
autodiscover.ukb.ch
www.ukb.ch
gast.ukb.ch
www.privasphere.com
ukbhb01mx01-e.urkb.ch
identifikation-test.ukb.ch
autodiscover.ukb.ch
fintest-e-banking.ukb.ch
twint.ukb.ch
wwwsec.ukb.ch
ukbhb01mx01-e.urkb.ch
zukunftsbild.ukb.ch
zukunftsbild.ukb.ch
eroeffnung.ukb.ch
www.ukb.ch
fintest-wwwsec.ukb.ch
ukb00ucc114.ukb.ch
identifikation-test.ukb.ch
ssl.ukb.ch
ukbhb01mx01-e.urkb.ch
www.ukb.ch
ukb00ncs106-e.ukb.ch
ukb00ucc114.ukb.ch
ukb00ncs106-e.ukb.ch
www.privasphere.com
satellite.ukb.ch
Certificate
The complete raw certificate details for eroeffnung.ukb.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZDCCBEygAwIBAgIUcdgpBKNyZqfeUJiniSswD+Fry/wwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTI0MDMwNTE0 MjIyOVoXDTI1MDMwNTE0MjIyOVowZTELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlVS MRAwDgYDVQQHDAdBbHRkb3JmMRswGQYDVQQKDBJVcm5lciBLYW50b25hbGJhbmsx GjAYBgNVBAMTEWVyb2VmZm51bmcudWtiLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA+NFcO0EeotqzoDM1BOuEvnj96GRlQzZeqjMPkPIcKgJrWPbP KmRx6YwVo5dQLQU2sS9jHK9ukWD/3qRAG6f/OwijDdg8FSH+L4oNFBVU6MQrGQB6 Q7NCR3Dv7Lno9D/16UYT4pSEX169U5nBjWhSXCiP3RXLpAvGvCItBqq/FYHc5T2d 5TSCqcv8At9uJK+WVUEWc+/f+8uWS/vTtCJqFkRSu9JGQlHkBz8/AF6PaGrnrmmA MCRw8WXfK7pI+xwFr9olVp447egEVruE7VpcW0QInazDGz/8KuxCuSOnHnVII0It vFC70zaK5B5Gmk3OegMgV4x1j4QYSUDCqVf+5QIDAQABo4ICHzCCAhswgbIGCCsG AQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRwOi8vYWlhLnN3aXNzc2lnbi5j aC9haXItMGYyYmY5YTUtZGQzNy00OGM5LWE4NWItMTJhY2RjYjhiZTQ1MFIGCCsG AQUFBzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24uY2gvc2lnbi9vY3MtYWFjY2Nl ZDUtNjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVjMG8GA1UdIARoMGYwCAYGZ4EM AQICMAgGBgQAj3oBBzBQBghghXQBWQIBAjBEMEIGCCsGAQUFBwIBFjZodHRwczov L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ25fQ1BTX1RMUy5wZGYw UQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5zd2lzc3NpZ24uY2gvY2RwLTk2 YjYyZjVhLTZiNzMtNGRhNC04N2Y3LWNlNDAwMmMxY2QzNDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMBwGA1UdEQQVMBOCEWVy b2VmZm51bmcudWtiLmNoMB0GA1UdDgQWBBReN9hYvESswbkTwDb9Xl4s5IKhojAf BgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTzXGtDbbcjtjATBgorBgEEAdZ5AgQDAQH/ BAIFADANBgkqhkiG9w0BAQsFAAOCAgEAvnODoMlh53zHBA32d27k2opS8yg90yJN fDS7VxC2KejP37wGxS/JfMpjlx9eDgUx1eBus1HEWzm5FNNADl0XsNJvEwxjYdDh UcH00xUwG80dAjc23MK83FPNWSyaD+WuS6sGYCgcCvdpOzF1Ffkc1VvdVKzVYKEB 0bhKwtAFDtigP0i7rDyWvO5Rg46q15kLtFkUqGiUQWij4ErC2SHG0XnPEhO1O9hB A1WcG3KXNImz2vY+lByHRRm39B6pHqxZWgf/CAhpgt8zVRk2Y2gsNFCqumX+Xso/ xFjE2+C+FWDFanu+Xp6wjpHV84I+enWL984Uz/NmxiGx5CABkHcMv8cZPNufLTqY 5n1wlgSfPcgwvA9mazsEss6P6TIS6TSOqTZGgo2KML08vUkcT6P/Ouq74sXYgd7c MyCiCX1BX7ihPL2GXz1n0fb/CxsVTQHfKTGZi1/VRx10yawEKaRf0IJOC6ZVNJSq ZFZlEppsHCODqZhPoRdbJFbeJTRFM2ezOdwKr0z7hCFW2J+v981qOyJ3HhWevV/c IIOrRWGTA1Gf2E6m+XWCCfn8v87KDhKKUdqBkEZktZpt+KrjPnJeL5XRqo36eUqy tv5nM3lzaWQKQf1Df8/LWxrzEOCgy92zqVCto4Koe5IctwzXrigf3uod8K9FmAjU xSLTJvKBzWM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+NFcO0EeotqzoDM1BOuE vnj96GRlQzZeqjMPkPIcKgJrWPbPKmRx6YwVo5dQLQU2sS9jHK9ukWD/3qRAG6f/ OwijDdg8FSH+L4oNFBVU6MQrGQB6Q7NCR3Dv7Lno9D/16UYT4pSEX169U5nBjWhS XCiP3RXLpAvGvCItBqq/FYHc5T2d5TSCqcv8At9uJK+WVUEWc+/f+8uWS/vTtCJq FkRSu9JGQlHkBz8/AF6PaGrnrmmAMCRw8WXfK7pI+xwFr9olVp447egEVruE7Vpc W0QInazDGz/8KuxCuSOnHnVII0ItvFC70zaK5B5Gmk3OegMgV4x1j4QYSUDCqVf+ 5QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 649936491248087317951283415893046008183616424956 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-05 14:22:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-05 14:22:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'UR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Altdorf' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Urner Kantonalbank' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'eroeffnung.ukb.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31410339033016583461774806816934934371010405407909623954182187354866414279050506020738863588447961564874426902779745517419634519564236696788135134372683871719559443928324347398527472069922777081284942045175161638190611395071388623095655155707559892949543501063941130294133439844429613089717067124311355380720685915786216558092058873617265954666055091059781795196345129035950227427973290963606235161755085081919351803710861331970235917410423157779522896598200468125113147395799550763858365093545198038247078061458075291871806460247036381085561861107284652046042672433658925359991346157765716356866746276938193137303269 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eroeffnung.ukb.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5e37d858bc44acc1b913c036fd5e5e2ce482a1a2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00be7383a0c961e77cc7040df6776ee4da8a52f3283dd3224d7c34bb5710b629e8cfdfbc06c52fc97cca63971f5e0e0531d5e06eb351c45b39b914d3400e5d17b0d26f130c6361d0e151c1f4d315301bcd1d023736dcc2bcdc53cd592c9a0fe5ae4bab0660281c0af7693b317515f91cd55bdd54acd560a101d1b84ac2d0050ed8a03f48bbac3c96bcee51838eaad7990bb45914a868944168a3e04ac2d921c6d179cf1213b53bd84103559c1b72973489b3daf63e941c874519b7f41ea91eac595a07ff08086982df3355193663682c3450aaba65fe5eca3fc458c4dbe0be1560c56a7bbe5e9eb08e91d5f3823e7a758bf7ce14cff366c621b1e4200190770cbfc7193cdb9f2d3a98e67d7096049f3dc830bc0f666b3b04b2ce8fe93212e9348ea93646828d8a30bd3cbd491c4fa3ff3aeabbe2c5d881dedc3320a2097d415fb8a13cbd865f3d67d1f6ff0b1b154d01df2931998b5fd5471d74c9ac0429a45fd0824e0ba6553494aa645665129a6c1c2383a9984fa1175b2456de2534453367b339dc0aaf4cfb842156d89faff7cd6a3b22771e159ebd5fdc2083ab45619303519fd84ea6f9758209f9fcbfceca0e128a51da81904664b59a6df8aae33e725e2f95d1aa8dfa794ab2b6fe6733797369640a41fd437fcfcb5b1af310e0a0cbddb3a950ada382a87b921cb70cd7ae281fdeea1df0af459808d4c522d326f281cd63