epd-prod.thurmed.ch

- thurmed AG -

Issued by SwissSign RSA TLS OV ICA 2022 - 1

About this certificate

This digital certificate with serial number 1e:c6:38:10:ed:07:15:ec:2f:c1:9c:db:b5:d5:96:62:8b:04:8c:3d was issued on by SwissSign AG.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

thurmed AG

Organization: thurmed AG
State / Province: TG
Locality: Frauenfeld
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate will expire on

Certificate Details

Serial Number (hex): 1e:c6:38:10:ed:07:15:ec:2f:c1:9c:db:b5:d5:96:62:8b:04:8c:3d
Serial Number (int): 175690154721618124140108709514253879919595785277
Serial Number lenght: 157 bits, 20 octets

SubjectKeyId: ea:e8:91:90:7f:ac:b3:2e:7c:5a:eb:d3:1d:ce:90:e8:99:f2:aa:81
AuthorityKeyId: 7c:6f:0a:6f:13:0f:d9:8c:24:6f:26:34:f3:5c:6b:43:6d:b7:23:b6

Fingerprint (sha1): cd:b7:2c:52:ae:70:06:69:19:09:3c:85:b4:2c:5e:8f:8b:6f:f2:6f
Fingerprint (sha256): bc:6e:c6:b0:6d:a7:ec:8d:fe:35:a1:51:2e:e5:d7:1c:79:92:30:f8:4b:00:a7:f9:c9:38:a6:dc:b1:6c:8a:d0

Issuing Certificate URL: http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45

Revocation information

OCSP Server: http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
CRL Distribution Point: http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34

Check the revocation status for certificate epd-prod.thurmed.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for epd-prod.thurmed.ch

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

epd-prod.thurmed.ch

Other certificates including the domain name thurmed.ch

(limited to 100 certificates)
am.thurmed.ch
af.thurmed.ch
epd-prod.thurmed.ch
am.thurmed.ch
af.thurmed.ch
af.thurmed.ch
af.thurmed.ch
aft.thurmed.ch
epd-prod.thurmed.ch
epd-prod.thurmed.ch
expe.stgag.ch
epd-test.thurmed.ch
af.thurmed.ch
aft.thurmed.ch
stgag.ch
expe.stgag.ch
af.thurmed.ch
amt.thurmed.ch
epd-prod.thurmed.ch
amt.thurmed.ch
epd-test.thurmed.ch
stgag.ch

Certificate

The complete raw certificate details for epd-prod.thurmed.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJSTCCBzGgAwIBAgIUHsY4EO0HFewvwZzbtdWWYosEjD0wDQYJKoZIhvcNAQEL
BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE
AxMhU3dpc3NTaWduIFJTQSBUTFMgT1YgSUNBIDIwMjIgLSAxMB4XDTIzMDYwNjEy
MTE1OFoXDTI0MDYwNjEyMTE1OFowYjELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAlRH
MRMwEQYDVQQHDApGcmF1ZW5mZWxkMRMwEQYDVQQKDAp0aHVybWVkIEFHMRwwGgYD
VQQDExNlcGQtcHJvZC50aHVybWVkLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
MIICCgKCAgEAg1G86YF4Mwiu4hqkut4qbWY/RRh6077aC2vUStDaCynvoZSXmXQv
0T55NlfVuJBtCymy1QfTMA6FGMfIJcgN/ZCSY6SegbCMJoP3fjXQc5WOpWCq7KoX
HsqimQfJqEkmfv/al+UXxZlvc4CKKKt2g2ooaiT/XZNbWXtAjiwc3zlJzG5mExfo
bruEaabkh5gQuRiSzJZvitlx7ddrjZB8t1Ww7DM1mSqj1ZPKQzbKYNYwV8tpgIL+
wfecUO1c0PTXBhX4O5v3YIADs9orVuM7nEv6bFQL812Dh/CuRJfnXLtKfHN/9rr7
rLYrl+VFt1uglR81W4W0SLmfZ3jdx7wUiZ44GddzVizRzafYD4GVy6RDTfd476Gf
JLXqMUq8ar//rA4Fxb+WdHF0vglwIjDwbeR6nEpcszu0ytRgkeFoP+XDSxnl91M0
gkBjdH2x1Z1a8svLF2PbmZ9nHgIIBXetfu40CYzcuu8dYjqKjjhFL77frc9nSUX+
h1ZYssopvfbycl+Kca6HNuAJd8w/WJPHlSal+HvHApHQNdtKYUDg//Sdz2ZaVcMi
m7hKH6BwAGg2drlsfsa3jGfABjpfZ4OlgYaMvfJ07MuEaJfxyxWWYOVWoc3iCpxZ
7R4abD7Vzk1avKASQq8bxE/JYUQ9GZgLywonh389ZqiFSJ/44WLWKBECAwEAAaOC
BAcwggQDMIGyBggrBgEFBQcBAQSBpTCBojBMBggrBgEFBQcwAoZAaHR0cDovL2Fp
YS5zd2lzc3NpZ24uY2gvYWlyLTBmMmJmOWE1LWRkMzctNDhjOS1hODViLTEyYWNk
Y2I4YmU0NTBSBggrBgEFBQcwAYZGaHR0cDovL29jc3Auc3dpc3NzaWduLmNoL3Np
Z24vb2NzLWFhY2NjZWQ1LTY2ZTgtNDA2OS05YjFiLWZkMjlhYjczZWZlYzBvBgNV
HSAEaDBmMAgGBmeBDAECAjAIBgYEAI96AQcwUAYIYIV0AVkCAQIwRDBCBggrBgEF
BQcCARY2aHR0cHM6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWdu
X0NQU19UTFMucGRmMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwuc3dpc3Nz
aWduLmNoL2NkcC05NmI2MmY1YS02YjczLTRkYTQtODdmNy1jZTQwMDJjMWNkMzQw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAe
BgNVHREEFzAVghNlcGQtcHJvZC50aHVybWVkLmNoMB0GA1UdDgQWBBTq6JGQf6yz
Lnxa69MdzpDomfKqgTAfBgNVHSMEGDAWgBR8bwpvEw/ZjCRvJjTzXGtDbbcjtjCC
AfcGCisGAQQB1nkCBAIEggHnBIIB4wHhAHcAVYHUwhaQNgFK6gubVzxT8MDkOHhw
JQgXL6OqHQcT0wwAAAGIkJ8BkAAABAMASDBGAiEA0ceYk5c0p8kJq/tMUOh5E/GY
tuEazVR2V/nh18DXx/kCIQDFNb0D2GZ64TKI7cuHJ8W4h1vldFTpMpHpF/uQuVSd
6gB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiJCfBCYAAAQD
AEcwRQIgfNRNbSxwlDrixEaq/i1SOcL8cMLkgKGCsZpVtMEdIaoCIQDHZkI3Uk6j
0nGiDMtNp4sXSZ05uZKGThZ0U93iudebeAB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8
vOzew1FIWUZxH7WbAAABiJCfBRkAAAQDAEcwRQIgdqC6y9QBlrJ7B17R8dH8S2oD
UTXetS2QHDLlPNZNJogCIQDFnJDgiIqcMLSPloP0u1etMqvfTTqMR1FMdPPdfsiC
qwB2AIdPtQ3AKdmTHeVz6fKJno5FM7OS04sKRiV0vw/usvweAAABiJCfCOkAAAQD
AEcwRQIgXzyFo3auVXNW6LuCIyJHPmnwIrZDpOpY7RvIJFQDC8MCIQCpy/7GVDz3
Xge5xtQOPBSvUe2dp17KllXehk+TQvBnWTANBgkqhkiG9w0BAQsFAAOCAgEAqxaA
L19cLqwR+I4nk9Kf1StOhFO7R0Vod7KHbtQjQWh3hEaAB8OTcuPdGSXE/VNeXocu
HEhLymZJ/AiKogDYOGeiYO8uaIYChbprLnvCQCVYnUuJRSGqeJHk+pKJ9ghlLXEA
3SCT27Re7nwrjCI5VavNBoqXNieWsjpuhd42CTE4FkyjUXhuXhKAxRXF2M2BG1lX
J4XPSJ50doLxE3C6YXDGuohMTufSMLkQ5DvhYn7ii2MBTJ6mJEMn1n9uW5sZ6WEZ
22bdnl+tKc1qr/tVjRU2/g3AlbsvnOP3MGrACPPaXR3Ho7nNvRFY2Ks1N6RB3Ofu
jEVNULoHwedX5qZP6fpa0XCPMi74ZCxBcfc293my7/LKP/l50CCtgJmEU8p7a/yc
2w8+TW8e+D0mMnHJwCrxbLrQYeH1SGnZmOwehwR8y+PLlZgmyKxBDwUdUCAvtaj3
gzeDFKGj5lUVIZxxrzd2xSp8TzVHcn3ggz668b8r6LyrwCOi1rJsudRTWSeduGK2
55hHcZ1DRMrPmel5v5cu0KV8b3u1EHg43Xs5ATLFI/AfVRUJ55KNkaMipIqpTpOT
45ANKI0CX6Wo9AGVDbz6luJu7B+Fotx4wFwF3W1unuoC3w2lbepMpNvvrgrYffOu
XA86lpaS1qmRe0rHruwolhGU7AiDPL9cUZUS4uU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAg1G86YF4Mwiu4hqkut4q
bWY/RRh6077aC2vUStDaCynvoZSXmXQv0T55NlfVuJBtCymy1QfTMA6FGMfIJcgN
/ZCSY6SegbCMJoP3fjXQc5WOpWCq7KoXHsqimQfJqEkmfv/al+UXxZlvc4CKKKt2
g2ooaiT/XZNbWXtAjiwc3zlJzG5mExfobruEaabkh5gQuRiSzJZvitlx7ddrjZB8
t1Ww7DM1mSqj1ZPKQzbKYNYwV8tpgIL+wfecUO1c0PTXBhX4O5v3YIADs9orVuM7
nEv6bFQL812Dh/CuRJfnXLtKfHN/9rr7rLYrl+VFt1uglR81W4W0SLmfZ3jdx7wU
iZ44GddzVizRzafYD4GVy6RDTfd476GfJLXqMUq8ar//rA4Fxb+WdHF0vglwIjDw
beR6nEpcszu0ytRgkeFoP+XDSxnl91M0gkBjdH2x1Z1a8svLF2PbmZ9nHgIIBXet
fu40CYzcuu8dYjqKjjhFL77frc9nSUX+h1ZYssopvfbycl+Kca6HNuAJd8w/WJPH
lSal+HvHApHQNdtKYUDg//Sdz2ZaVcMim7hKH6BwAGg2drlsfsa3jGfABjpfZ4Ol
gYaMvfJ07MuEaJfxyxWWYOVWoc3iCpxZ7R4abD7Vzk1avKASQq8bxE/JYUQ9GZgL
ywonh389ZqiFSJ/44WLWKBECAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 175690154721618124140108709514253879919595785277
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS OV ICA 2022 - 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-06 12:11:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 12:11:58 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Frauenfeld'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'thurmed AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'epd-prod.thurmed.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 535735957652646110497410414981601962834145281598934083586456833241300471254004902321121201078693367430840536679509749390988965080318584050206599634220243407043639479950547604182725306063063586231678527810434985422638637562602344642979952255736812246829546034086194237577154967688068035724612678287415463219408885481917685566142836051388572500421869573512116981663085016760002995605680720260422471934363467087846636322143739529176564164373606495144446841600609293490059360593340043384521910597876861587445934536608964815761517316082914729651071508324897860767799554014050618292142371047839281050591243869591286265017854760131447304081892132293196997018015958833611675172635500535055401081910469460012687112677864602590640189043106824248693337268417923745200153668073185623277537718721203025311352360136656430007109868921164293625534129004881038758758314368484560443282819712150313503336483564382671699368857191625057114140207927713634046239340854276394720856269955363333970420470097985568604223408846298109983585935515674156073200945765207557311315955169556793840927744597847982930540461502856970488999609161309341864348453023152191909778166511918663952812005882932579858628191831688838127903967605387568165449533704839613087743354897
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (165 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.swisssign.ch/air-0f2bf9a5-dd37-48c9-a85b-12acdcb8be45'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.ch/cdp-96b62f5a-6b73-4da4-87f7-ce4002c1cd34'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'epd-prod.thurmed.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							eae891907facb32e7c5aebd31dce90e899f2aa81
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7c6f0a6f130fd98c246f2634f35c6b436db723b6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e10077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000188909f01900000040300483046022100d1c798939734a7c909abfb4c50e87913f198b6e11acd547657f9e1d7c0d7c7f9022100c535bd03d8667ae13288edcb8727c5b8875be57454e93291e917fb90b9549dea007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000188909f0426000004030047304502207cd44d6d2c70943ae2c446aafe2d5239c2fc70c2e480a182b19a55b4c11d21aa022100c7664237524ea3d271a20ccb4da78b17499d39b992864e167453dde2b9d79b78007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000188909f05190000040300473045022076a0bacbd40196b27b075ed1f1d1fc4b6a035135deb52d901c32e53cd64d2688022100c59c90e0888a9c30b48f9683f4bb57ad32abdf4d3a8c47514c74f3dd7ec882ab007600874fb50dc029d9931de573e9f2899e8e4533b392d38b0a462574bf0feeb2fc1e00000188909f08e9000004030047304502205f3c85a376ae557356e8bb822322473e69f022b643a4ea58ed1bc82454030bc3022100a9cbfec6543cf75e07b9c6d40e3c14af51ed9da75eca9655de864f9342f06759
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00ab16802f5f5c2eac11f88e2793d29fd52b4e8453bb47456877b2876ed42341687784468007c39372e3dd1925c4fd535e5e872e1c484bca6649fc088aa200d83867a260ef2e68860285ba6b2e7bc24025589d4b894521aa7891e4fa9289f608652d7100dd2093dbb45eee7c2b8c223955abcd068a97362796b23a6e85de36093138164ca351786e5e1280c515c5d8cd811b59572785cf489e747682f11370ba6170c6ba884c4ee7d230b910e43be1627ee28b63014c9ea6244327d67f6e5b9b19e96119db66dd9e5fad29cd6aaffb558d1536fe0dc095bb2f9ce3f7306ac008f3da5d1dc7a3b9cdbd1158d8ab3537a441dce7ee8c454d50ba07c1e757e6a64fe9fa5ad1708f322ef8642c4171f736f779b2eff2ca3ff979d020ad80998453ca7b6bfc9cdb0f3e4d6f1ef83d263271c9c02af16cbad061e1f54869d998ec1e87047ccbe3cb959826c8ac410f051d50202fb5a8f783378314a1a3e65515219c71af3776c52a7c4f3547727de0833ebaf1bf2be8bcabc023a2d6b26cb9d45359279db862b6e79847719d4344cacf99e979bf972ed0a57c6f7bb5107838dd7b390132c523f01f551509e7928d91a322a48aa94e9393e3900d288d025fa5a8f401950dbcfa96e26eec1f85a2dc78c05c05dd6d6e9eea02df0da56dea4ca4dbefae0ad87df3ae5c0f3a969692d6a9917b4ac7aeec28961194ec08833cbf5c519512e2e5