www.ideafinanz.ch

Issued by RapidSSL SHA256 CA - G3

About this certificate


This digital certificate with serial number 06:f9:b4 was issued on by GeoTrust Inc. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

www.ideafinanz.ch

Organization unit: GT09835291
Organization unit: See www.rapidssl.com/resources/cps (c)15
Organization unit: Domain Control Validated - RapidSSL(R)

GeoTrust Inc.

Organization: GeoTrust Inc.

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 06:f9:b4
Serial Number (int): 457140
Serial Number lenght: 19 bits, 3 octets

SubjectKeyId:
AuthorityKeyId: c3:9c:f3:fc:d3:46:08:34:bb:ce:46:7f:a0:7c:5b:f3:e2:08:cb:59

Fingerprint (sha1): 5d:6f:35:07:be:17:0d:bb:48:62:01:65:c5:cb:d3:9b:cf:dd:02:49
Fingerprint (sha256): 9d:73:53:5f:04:23:33:50:35:14:27:26:6c:81:84:83:ca:31:b3:8e:3d:cf:4a:07:1b:0f:f8:87:78:4f:a1:ac

Issuing Certificate URL: http://gv.symcb.com/gv.crt

Revocation information

OCSP Server: http://gv.symcd.com
CRL Distribution Point: http://gv.symcb.com/gv.crl

Check the revocation status for the current certificate on www.ideafinanz.ch
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.ideafinanz.ch
ideafinanz.ch

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFtDCCBJygAwIBAgIDBvm0MA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdSYXBpZFNTTCBTSEEy NTYgQ0EgLSBHMzAeFw0xNTA5MTYyMzIxMDJaFw0xNzA5MTcxMTQ5MDhaMIGVMRMw EQYDVQQLEwpHVDA5ODM1MjkxMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNv bS9yZXNvdXJjZXMvY3BzIChjKTE1MS8wLQYDVQQLEyZEb21haW4gQ29udHJvbCBW YWxpZGF0ZWQgLSBSYXBpZFNTTChSKTEaMBgGA1UEAxMRd3d3LmlkZWFmaW5hbnou Y2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDmbnwI03+y5i+xDn/P RcUt+db5kiKkvIochbr9vBBB8zP7JM3ic2Ffj8NLeMzt7R24g6VxFJjO4TdqG6Ye Uk4rLiRwK0EQ26g1Qxj5nyCgXYDshnlecLlT58UgnZjTgKa3oEPB6vvzMVv/RF2o xb4b5YeQpRDDZiixL4ybHIR1nRyG91CHQZAte9HnrDW5j3JfJFEN8rlOGMFngn83 0VGKIkN3ebGxK7OHh2mYt9jbjzMpCNJ7/p7r+OZSEpRyPL4bOsMA8j0Y4jXN9x4l 0hzRtnmSwKLuwC1yiKF0EUe5OHTn/d8XlOX10Uw8sKKw6wOlBnGswimaUVjzri3r AoRedyUZOHfEm3MJokEspq1IwiYI+n7cfgNzIGw8zjMzkK4BCzZJjKpZWT3aGp4S 4ndsCdybpv63ynKrXHdk9DEbcQbzx+/yFH/KQBYb0Sf1dTGpbjAt5RsgzaXrj9zT AiFiBn6P3SEIsW8BQ5vcFgALAf49x+1/k0O0QSD4MbrbBabUGo17+SZZogCJusgc /kEzkwpmxshNkFSLosgaVi6Ip3ljXQdy1F5G/spt6z6JXRMiduL2SxnQsRjlsfl5 1tgcyyHQ8pE1X/Oog/Lz5JxFTD+IOj8qJWfjNlsycsIqZUS6FFhu8wIO/wwArGHi XwIDdmUNJOoMojtMwQUUXhxi+wIDAQABo4IBWDCCAVQwHwYDVR0jBBgwFoAUw5zz /NNGCDS7zkZ/oHxb8+IIy1kwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo dHRwOi8vZ3Yuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ3Yuc3ltY2Iu Y29tL2d2LmNydDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMCsGA1UdEQQkMCKCEXd3dy5pZGVhZmluYW56LmNogg1pZGVhZmlu YW56LmNoMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9ndi5zeW1jYi5jb20vZ3Yu Y3JsMAwGA1UdEwEB/wQCMAAwQQYDVR0gBDowODA2BgZngQwBAgEwLDAqBggrBgEF BQcCARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29tL2xlZ2FsMA0GCSqGSIb3DQEB CwUAA4IBAQCniDyxnYfpEfqbx9BzUMiCn3tKzJ8ZCEsBY9wsvLZNumEez/6JrFe1 YTT3jAVn8aGnNnBI6U04vSXBGq1VrxetYwTUB/v8h1tnOI7zjTSB7LwCpeHI3i5N /JrcBGsGcbLKVRg+8o8rZ8HjoMDHvRIHJ7ysYFjcuhHwefAeeYgmiZINnjyL/BKR YTanW7G728x8mhHHZZrXKA0G9GhA3AxPXPVTcE/Su7M9PwwCvKKw2WaHwXTZCM3J pj44N3Ykgo45KpTNxjXuKyZGwabjsZVkUl+/S32SNZDUXq+PowhRtp78pktG7jMK gufh4pgSBYDyx0vw8scKD1UcWutu2y/I -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5m58CNN/suYvsQ5/z0XF LfnW+ZIipLyKHIW6/bwQQfMz+yTN4nNhX4/DS3jM7e0duIOlcRSYzuE3ahumHlJO Ky4kcCtBENuoNUMY+Z8goF2A7IZ5XnC5U+fFIJ2Y04Cmt6BDwer78zFb/0RdqMW+ G+WHkKUQw2YosS+MmxyEdZ0chvdQh0GQLXvR56w1uY9yXyRRDfK5ThjBZ4J/N9FR iiJDd3mxsSuzh4dpmLfY248zKQjSe/6e6/jmUhKUcjy+GzrDAPI9GOI1zfceJdIc 0bZ5ksCi7sAtcoihdBFHuTh05/3fF5Tl9dFMPLCisOsDpQZxrMIpmlFY864t6wKE XnclGTh3xJtzCaJBLKatSMImCPp+3H4DcyBsPM4zM5CuAQs2SYyqWVk92hqeEuJ3 bAncm6b+t8pyq1x3ZPQxG3EG88fv8hR/ykAWG9En9XUxqW4wLeUbIM2l64/c0wIh YgZ+j90hCLFvAUOb3BYACwH+Pcftf5NDtEEg+DG62wWm1BqNe/kmWaIAibrIHP5B M5MKZsbITZBUi6LIGlYuiKd5Y10HctReRv7Kbes+iV0TInbi9ksZ0LEY5bH5edbY HMsh0PKRNV/zqIPy8+ScRUw/iDo/KiVn4zZbMnLCKmVEuhRYbvMCDv8MAKxh4l8C A3ZlDSTqDKI7TMEFFF4cYvsCAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 457140 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-09-16 23:21:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-17 11:49:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT09835291' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.rapidssl.com/resources/cps (c)15' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated - RapidSSL(R)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.ideafinanz.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 940078828904435277369890625408528174466037631792355944157438378369303475390067047847874872963125821870915493535625276779148699298140893849378505806196351756545299315766400944281477260959234288456772646622202010521613803968548888182026059974539876793107833460540454235195785611571184099893138068667883212571543444245376394548976771685430081712673030973971239136928625536461184181092478642426576169269296619653445422438901189399961989087739658073579260198645059105039744716427442294767657141929019089539327199082732274297573251015818144342137612603126750826739354398330884699574695376750825513422693013185856839184536429560115788853787502030612085962898223654111829880268634634232678476258962126494487640226056209686192074437623967645282706885894996033453949186048325310067781544672653132345375343667559571616043351620380556352928273211996494528338853907986433615398841219120375286640971212055056875119369992954192397917678296108701124002582380721464659487161762845176581252426149900744383893166878359186339159976200230297837701045530650376966141540212731580046126513678351808364164908639381469476867901355759110347344217499856903596619448989226661904376591602213226804870872349694734765721444695248402464125990032590707613054160102139 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39cf3fcd3460834bbce467fa07c5bf3e208cb59 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gv.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gv.symcb.com/gv.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ideafinanz.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ideafinanz.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gv.symcb.com/gv.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a7883cb19d87e911fa9bc7d07350c8829f7b4acc9f19084b0163dc2cbcb64dba611ecffe89ac57b56134f78c0567f1a1a7367048e94d38bd25c11aad55af17ad6304d407fbfc875b67388ef38d3481ecbc02a5e1c8de2e4dfc9adc046b0671b2ca55183ef28f2b67c1e3a0c0c7bd120727bcac6058dcba11f079f01e79882689920d9e3c8bfc12916136a75bb1bbdbcc7c9a11c7659ad7280d06f46840dc0c4f5cf553704fd2bbb33d3f0c02bca2b0d96687c174d908cdc9a63e38377624828e392a94cdc635ee2b2646c1a6e3b19564525fbf4b7d923590d45eaf8fa30851b69efca64b46ee330a82e7e1e298120580f2c74bf0f2c70a0f551c5aeb6edb2fc8