*.empa.ch
Issued by SwissSign Server Silver CA 2008 - G2
About this certificate
This digital certificate with serial number 40:d1:67:dd:06:4e:55:3c:c2:04:e4:c4:26:94:68 was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=*.empa.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 40:d1:67:dd:06:4e:55:3c:c2:04:e4:c4:26:94:68Serial Number (int): 336554251457941778943254104826614888
Serial Number lenght: 119 bits, 15 octets
SubjectKeyId:
AuthorityKeyId: d3:44:6f:d9:fe:7a:fc:de:ac:1c:7a:a2:21:0d:64:fa:65:b0:d7:82
Fingerprint (sha1): 01:d4:8c:75:17:ae:a1:ed:2d:82:9d:5d:af:8d:6f:84:0a:d5:27:0e
Fingerprint (sha256): dc:d4:a2:19:24:2a:00:84:12:59:01:9b:c4:40:8c:27:3d:40:af:94:5b:90:ba:52:b3:f6:9b:f9:28:3f:55:40
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782
Revocation information
CRL Distribution Point: http://crl.swisssign.net/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782CRL Distribution Point: ldap://directory.swisssign.net/CN=D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate *.empa.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.empa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
7 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
empa.ch
*.empa.ch
*.empa.ch
Other certificates including the domain name empa.ch
(limited to 100 certificates)
certest-win.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
*.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
Certificate
The complete raw certificate details for *.empa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgIPQNFn3QZOVTzCBOTEJpRoMA0GCSqGSIb3DQEBBQUAMFMx CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxLTArBgNVBAMTJFN3 aXNzU2lnbiBTZXJ2ZXIgU2lsdmVyIENBIDIwMDggLSBHMjAeFw0wOTEwMTUxMzI1 MTZaFw0xMDEwMTUxMzI1MTZaMBQxEjAQBgNVBAMUCSouZW1wYS5jaDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAN3u4yLjv9SPXlEwxLowykAkVcMXwCv4 ejdXKWcktBG6VDMobEoIt8OO1ML+I1XEUG/uQa8WHub5dE+g+Jd6U+pLZsPtYAWl 6Q7G7iqSw/6k5bxGhsVt6rJ9KlzROXG5UOwOkVRNCe3NafSSmop1zBjoqKJCfbpe 0W1tT08+2/nMLfLDbklZ3MDRhQ6XpjdpOdW+QOdIXusnyWXc66mbS09RkjuuRI56 fNs6HOQZgrfNOG+MoMhQGhaHedLFYGHhtpKcLPDrnMn4aFb1WolC7FWrMci5Vz/X 54TL7QecUVS5o1+3UsZuClkH5SNiMyIEywUsSOi2RIEnOjHLW+6wxpsCAwEAAaOC AlEwggJNMB0GA1UdEQQWMBSCB2VtcGEuY2iCCSouZW1wYS5jaDAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaA FNNEb9n+evzerBx6oiENZPplsNeCMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6 Ly9jcmwuc3dpc3NzaWduLm5ldC9EMzQ0NkZEOUZFN0FGQ0RFQUMxQzdBQTIyMTBE NjRGQTY1QjBENzgyMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3Np Z24ubmV0L0NOPUQzNDQ2RkQ5RkU3QUZDREVBQzFDN0FBMjIxMEQ2NEZBNjVCMEQ3 ODIlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlz dD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MGQGA1UdIARd MFswWQYJYIV0AVkBAwEDMEwwSgYIKwYBBQUHAgEWPmh0dHA6Ly9yZXBvc2l0b3J5 LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduLVNpbHZlci1DUC1DUFMtUjMucGRmMHQG CCsGAQUFBwEBBGgwZjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQv Y2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvRDM0NDZGRDlGRTdBRkNERUFDMUM3 QUEyMjEwRDY0RkE2NUIwRDc4MjANBgkqhkiG9w0BAQUFAAOCAQEAqbGvqDAf9133 h2ejn5tzUZWx8U2LZOApTsRplIaLLkUN3eOSlMEC0eVGBAjk/hCNJDNQWL9Xys2+ YZK3q6InV8wDmXuacLIbTCBpjHqwqLvdEduEEFJO8Dd3VON/F5ZjiBKFYwV+VTT+ aibw67V5CJ/BcKz5jzZak5886enF4Jrdc5ySC9svRO+uzyL0mIm2BrMUEPQI3GHD ZTVOMeVvulImRR/360R+FP3ehNw0WSGNSmtlulMDlAsDRMvbb7Cd7MDOeRuS4z/U HivhDebwo3Dtc15Ws8S+TLG8SWlHEkVF/DzckOM0+SrqobpjHoarUkJhu5eEjyz+ T5YxVEddCg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3e7jIuO/1I9eUTDEujDK QCRVwxfAK/h6N1cpZyS0EbpUMyhsSgi3w47Uwv4jVcRQb+5BrxYe5vl0T6D4l3pT 6ktmw+1gBaXpDsbuKpLD/qTlvEaGxW3qsn0qXNE5cblQ7A6RVE0J7c1p9JKainXM GOiookJ9ul7RbW1PTz7b+cwt8sNuSVncwNGFDpemN2k51b5A50he6yfJZdzrqZtL T1GSO65Ejnp82zoc5BmCt804b4ygyFAaFod50sVgYeG2kpws8OucyfhoVvVaiULs VasxyLlXP9fnhMvtB5xRVLmjX7dSxm4KWQflI2IzIgTLBSxI6LZEgSc6Mctb7rDG mwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336554251457941778943254104826614888 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Silver CA 2008 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2009-10-15 13:25:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-10-15 13:25:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.empa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28016465091482795116873324808180721928811399529948393202343106811780474393336944534288857413016966507867430090365820026204631337983277738844739660544083407292362944509495230254759631628826230851490811989935226622567247478739379282216315578760786275838429311341980620190363671723084214151227155659013391400657160851930760176397440063292176440762041670976594567738619928421485445657051001238791696204664986530771214954600225294619736323046928685393081510749211747573434651617270226694154546089487628929948791405234462278335735920949706523103535641124697958266607264246008400345465765013918544596116364568633078709274267 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'empa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.empa.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d3446fd9fe7afcdeac1c7aa2210d64fa65b0d782 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.3.1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Silver-CP-CPS-R3.pdf' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/D3446FD9FE7AFCDEAC1C7AA2210D64FA65B0D782' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a9b1afa8301ff75df78767a39f9b735195b1f14d8b64e0294ec46994868b2e450ddde39294c102d1e5460408e4fe108d24335058bf57cacdbe6192b7aba22757cc03997b9a70b21b4c20698c7ab0a8bbdd11db8410524ef0377754e37f17966388128563057e5534fe6a26f0ebb579089fc170acf98f365a939f3ce9e9c5e09add739c920bdb2f44efaecf22f49889b606b31410f408dc61c365354e31e56fba5226451ff7eb447e14fdde84dc3459218d4a6b65ba5303940b0344cbdb6fb09decc0ce791b92e33fd41e2be10de6f0a370ed735e56b3c4be4cb1bc496947124545fc3cdc90e334f92aeaa1ba631e86ab524261bb97848f2cfe4f963154475d0a