test.empa.ch
Issued by SwissSign RSA TLS DV ICA 2022 - 1
About this certificate
This digital certificate with serial number 6e:8a:d4:0d:5d:e6:43:d6:e2:fe:cf:90:90:4a:77:4c:06:93:74:c4 was issued on by SwissSign AG.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=test.empa.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate will expire on
Certificate Details
Serial Number (hex): 6e:8a:d4:0d:5d:e6:43:d6:e2:fe:cf:90:90:4a:77:4c:06:93:74:c4Serial Number (int): 631084959981121684635648933793466943510687216836
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 8c:51:96:22:c4:98:48:00:ee:5d:26:5e:f2:5b:16:5d:80:fa:46:3d
AuthorityKeyId: eb:bd:7f:49:93:8c:c9:ee:ec:a2:ba:f7:1c:d2:67:f0:83:b1:ea:de
Fingerprint (sha1): c6:dd:c2:8e:c4:df:da:47:49:69:91:3c:bd:52:1f:69:7e:0b:61:40
Fingerprint (sha256): b9:ca:59:90:0f:f6:d4:89:fa:67:1d:c8:a9:01:f8:57:a5:21:48:39:9d:79:79:9d:5a:0c:17:8c:ab:92:0a:0f
Issuing Certificate URL: http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167
Revocation information
OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efecCRL Distribution Point: http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba
Check the revocation status for certificate test.empa.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for test.empa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
test.empa.ch
Other certificates including the domain name empa.ch
(limited to 100 certificates)
certest-win.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sbc.empa.ch
test.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
certest-win.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
certest-win.empa.ch
adobesync.empa.ch
*.empa.ch
www.nest.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sbc.empa.ch
sip.empa.ch
test.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sbc.empa.ch
test.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
certest-win.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
certest-win.empa.ch
adobesync.empa.ch
*.empa.ch
www.nest.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sbc.empa.ch
sip.empa.ch
test.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
Certificate
The complete raw certificate details for test.empa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIazCCBlOgAwIBAgIUborUDV3mQ9bi/s+QkEp3TAaTdMQwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjIgLSAxMB4XDTI0MDUwMzA5 MzgxNFoXDTI1MDUwMzA5MzgxNFowFzEVMBMGA1UEAxMMdGVzdC5lbXBhLmNoMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVxbLnTcZwMqr2mXOBT+F14A WPh8sDzXs3jbrYo7H9yt006p1gHxHg+FVR2dndq5RiFBAUYAgAY1uuR/rPVAMMJb aoaOSE+ziv/vRcYir8X/0KHbZueBZhwEbOEceWtmKSpsO8EshMcNJpIbXb/t4de7 SRrSmM2JU31qV7IUhHMxyW/EIsbjPzHd3UofQeTSjdk/uXccMA6PxySnco3fi7dB X7/NpK0O1iwx5SMBs/yTenflMq0mC/X/Q65nO+1RAUblbvNjVShFU9GNJRC8vdiH JDoQPTdLXzar5VSo1mkMGloZtj6cNJ4AtUM2CvlP0SCu+3pB43DGd4NsfHQubQID AQABo4IEdDCCBHAwgbIGCCsGAQUFBwEBBIGlMIGiMEwGCCsGAQUFBzAChkBodHRw Oi8vYWlhLnN3aXNzc2lnbi5jaC9haXItMWI4NjMzODUtZjRhOS00N2ZhLTg4YTUt MmE1YWJmZDRhMTY3MFIGCCsGAQUFBzABhkZodHRwOi8vb2NzcC5zd2lzc3NpZ24u Y2gvc2lnbi9vY3MtYWFjY2NlZDUtNjZlOC00MDY5LTliMWItZmQyOWFiNzNlZmVj MG8GA1UdIARoMGYwCAYGZ4EMAQIBMAgGBgQAj3oBBjBQBghghXQBWQIBATBEMEIG CCsGAQUFBwIBFjZodHRwczovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lz c1NpZ25fQ1BTX1RMUy5wZGYwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5z d2lzc3NpZ24uY2gvY2RwLTY3OTcyM2IyLTg2NDEtNDY0Mi04NTAwLWY2ZDJmZjM3 ZTZiYTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQD AgWgMBcGA1UdEQQQMA6CDHRlc3QuZW1wYS5jaDAdBgNVHQ4EFgQUjFGWIsSYSADu XSZe8lsWXYD6Rj0wHwYDVR0jBBgwFoAU671/SZOMye7sorr3HNJn8IOx6t4wggJr BgorBgEEAdZ5AgQCBIICWwSCAlcCVQB2ACjigTj9gyFF6anWqnU3bYN3qIUSs8B/ ckFIIdy96YxmAAABjz3RktQAAAQDAEcwRQIhAI+V7yRbHcXc9Yqahc8n4/DdZ0pF JFZyr02ID++Uj7cMAiBX9PF14zL7tLt4sXlFV3gwCDoAjpC5AtJe4TSzQcDTtgB1 AOCSs/wMHcjnaDYf3mG5lk0KUngZinLWcsSwTaVtb1QEAAABjz3RkNkAAAQDAEYw RAIgVJzJSL0bcp9w36QlNfz05vXOEsTyjV+6pDK5m421ljYCIC4Kb7HXVDr5lmOD zjA/YelaFKjdkr1hqGNawA5R7pQ+AHUAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ys AdJbd87MOwgAAAGPPdGPmgAABAMARjBEAiAuikG+edp8QbZ4MgkwLXnbzuKP0hX1 A3sgJF4IM076pQIgF9/X4ZJSZR00+mA6zpmrZ0YGsitssB0j5wn6oUuvN+4AdgDM +w9qhXEJZf6Vm1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAY890Y/tAAAEAwBHMEUC IQCreLD7tpsxYlnXxZiEGbVjD5yPtR9YKbpA7493v7prawIgFxqiHoh4OU5Mjn3y pHkS/8MSL0SQF56BxZwI38wf420AdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx +mSxYpo53wAAAY890Y/WAAAEAwBGMEQCIF/YfpikMIs8bUhf2xUeZjBvQvuHdNqg FXnOk4ZQLsBiAiBiCadeNPjJRA974b3Iq7Im1hTBLoAc93+N1t+ur+u7kzANBgkq hkiG9w0BAQsFAAOCAgEAjUAHiyfnsOO8m3QOoercjPxGm74T1QJixs6XXwaDyzoX +jzWXlur9pC+NZq4J+SvQ7EF84yidWS8LfZqe0kf5ljkfHpIDspFBO15LgwN6rlZ dD82V/HlmIi23ifAsQL+OJ4C8kHPIeOyTE4ahcFqoQT0InFzvwP9/9ZBMHNtihix FfndMCZEufka8cutQIMLHW7QvUv+Ctv37OjJW6NFjWucIuLJs5vaNOfcaqOXbpa3 T5JWUHeIuf5xrBtmVvUBR3EHoHVYnoTcl/HxO2Jcdm4W+PymUAAA4RBuO/0Gn+tA Me8lIg/gSxzTddm4GTTVlB8NSrgk1uRYM6llKn9tAcFKVIKuluqItBDSvOlQaN60 3H5bWJUmB8a6F/Hxapcs2uQaAmnBxyMTWp4JpER8Jaxkp82OhRnG+0+OJI9MdWlf o8PpMXIiPXHplzvkJtQnWyAzXx77xt4R5H3Mos12xR2qbfDqITahUxfuGebfYt3B 3JDAqDNY7uJOyBLYbvQpaiSKmBjVVYUEaf9IFpIMu1lPv0hsB4p/lsWMebKL5Cb7 B1jw0yf2KVHiAmDkGP91fhrh8PnKrWQt6tP9HPr6V+EtP5BxIzCEMRBzM6u915Np sQGAREgV5vzOuuqKCzV2S+7gih7pw3TYFHp/BrOeTxSUc0bKLo2O75SqO9NgZUk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVxbLnTcZwMqr2mXOBT+ F14AWPh8sDzXs3jbrYo7H9yt006p1gHxHg+FVR2dndq5RiFBAUYAgAY1uuR/rPVA MMJbaoaOSE+ziv/vRcYir8X/0KHbZueBZhwEbOEceWtmKSpsO8EshMcNJpIbXb/t 4de7SRrSmM2JU31qV7IUhHMxyW/EIsbjPzHd3UofQeTSjdk/uXccMA6PxySnco3f i7dBX7/NpK0O1iwx5SMBs/yTenflMq0mC/X/Q65nO+1RAUblbvNjVShFU9GNJRC8 vdiHJDoQPTdLXzar5VSo1mkMGloZtj6cNJ4AtUM2CvlP0SCu+3pB43DGd4NsfHQu bQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 631084959981121684635648933793466943510687216836 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2022 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-03 09:38:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-03 09:38:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test.empa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21884769287705726588696749321647956060021076258768689242882025791041193717813440797015609158711760255632014759160625212898220891603052803278870469598229274562959814170690632707784816345924855475628996222344658218601426917764335348617169318481382056442689228994790255243718588053781118715512317321516481093996808329804537795392057422771798485163382226282237530830613266031372748039322245522650284136163229399228225599819202333258884585586269102238949432754257745488094559573717292707116844414076606660944304942748102576847320345917159101807158654131301969437436225621844693731092719818244264395890343634581141264281197 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-1b863385-f4a9-47fa-88a5-2a5abfd4a167' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-679723b2-8641-4642-8500-f6d2ff37e6ba' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.empa.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8c519622c4984800ee5d265ef25b165d80fa463d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebbd7f49938cc9eeeca2baf71cd267f083b1eade . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (603 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (599 bytes) 025500760028e28138fd832145e9a9d6aa75376d8377a88512b3c07f72414821dcbde98c660000018f3dd192d400000403004730450221008f95ef245b1dc5dcf58a9a85cf27e3f0dd674a45245672af4d880fef948fb70c022057f4f175e332fbb4bb78b17945577830083a008e90b902d25ee134b341c0d3b6007500e092b3fc0c1dc8e768361fde61b9964d0a5278198a72d672c4b04da56d6f54040000018f3dd190d900000403004630440220549cc948bd1b729f70dfa42535fcf4e6f5ce12c4f28d5fbaa432b99b8db5963602202e0a6fb1d7543af9966383ce303f61e95a14a8dd92bd61a8635ac00e51ee943e007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f3dd18f9a000004030046304402202e8a41be79da7c41b6783209302d79dbcee28fd215f5037b20245e08334efaa5022017dfd7e19252651d34fa603ace99ab674606b22b6cb01d23e709faa14baf37ee007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018f3dd18fed0000040300473045022100ab78b0fbb69b316259d7c5988419b5630f9c8fb51f5829ba40ef8f77bfba6b6b0220171aa21e8878394e4c8e7df2a47912ffc3122f4490179e81c59c08dfcc1fe36d0075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f3dd18fd6000004030046304402205fd87e98a4308b3c6d485fdb151e66306f42fb8774daa01579ce9386502ec06202206209a75e34f8c9440f7be1bdc8abb226d614c12e801cf77f8dd6dfaeafebbb93 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 008d40078b27e7b0e3bc9b740ea1eadc8cfc469bbe13d50262c6ce975f0683cb3a17fa3cd65e5babf690be359ab827e4af43b105f38ca27564bc2df66a7b491fe658e47c7a480eca4504ed792e0c0deab959743f3657f1e59888b6de27c0b102fe389e02f241cf21e3b24c4e1a85c16aa104f4227173bf03fdffd64130736d8a18b115f9dd302644b9f91af1cbad40830b1d6ed0bd4bfe0adbf7ece8c95ba3458d6b9c22e2c9b39bda34e7dc6aa3976e96b74f9256507788b9fe71ac1b6656f501477107a075589e84dc97f1f13b625c766e16f8fca6500000e1106e3bfd069feb4031ef25220fe04b1cd375d9b81934d5941f0d4ab824d6e45833a9652a7f6d01c14a5482ae96ea88b410d2bce95068deb4dc7e5b58952607c6ba17f1f16a972cdae41a0269c1c723135a9e09a4447c25ac64a7cd8e8519c6fb4f8e248f4c75695fa3c3e93172223d71e9973be426d4275b20335f1efbc6de11e47dcca2cd76c51daa6df0ea2136a15317ee19e6df62ddc1dc90c0a83358eee24ec812d86ef4296a248a9818d555850469ff4816920cbb594fbf486c078a7f96c58c79b28be426fb0758f0d327f62951e20260e418ff757e1ae1f0f9caad642dead3fd1cfafa57e12d3f907123308431107333abbdd79369b10180444815e6fccebaea8a0b35764beee08a1ee9c374d8147a7f06b39e4f14947346ca2e8d8eef94aa3bd3606549