sonrail.empa.ch
Issued by SwissSign RSA TLS DV ICA 2021 - 1
About this certificate
This digital certificate with serial number 12:8d:ca:ce:d4:9e:d3:76:42:f5:8b:aa:f1:c9:a9:e5:53:49:c1:1c was issued on by SwissSign AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=sonrail.empa.ch
SwissSign AG
Organization:
SwissSign AG
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 12:8d:ca:ce:d4:9e:d3:76:42:f5:8b:aa:f1:c9:a9:e5:53:49:c1:1cSerial Number (int): 105923906010368737550422289602566528972377145628
Serial Number lenght: 157 bits, 20 octets
SubjectKeyId: cf:85:16:83:88:2a:41:39:77:ab:0f:aa:3b:9f:96:77:19:bd:9e:a4
AuthorityKeyId: 3c:9e:52:79:03:63:6f:4f:9c:81:1b:d3:28:70:0c:24:5a:ea:a5:87
Fingerprint (sha1): b9:9a:e9:5c:b4:c1:ff:91:31:ba:b5:21:81:f0:2c:bd:b4:ac:3f:0b
Fingerprint (sha256): e9:28:a0:fe:36:ce:c1:92:19:82:a6:d1:f3:cb:1d:ee:60:35:4e:48:ee:ef:b9:eb:ac:7d:a7:5f:6f:62:12:46
Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587
Revocation information
OCSP Server: http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587CRL Distribution Point: http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587
CRL Distribution Point: ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint
Check the revocation status for certificate sonrail.empa.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sonrail.empa.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sonrail.empa.ch
www.sonrail.empa.ch
www.sonrail.empa.ch
Other certificates including the domain name empa.ch
(limited to 100 certificates)
certest-win.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
sonrail.empa.ch
certest-win.empa.ch
events.empa.ch
events.empa.ch
sonroad18.empa.ch
sontram.empa.ch
sonrail.empa.ch
sip.empa.ch
sonroad18.empa.ch
sbc.empa.ch
sonrail.empa.ch
events.empa.ch
sonroad18.empa.ch
test2.empa.ch
events.empa.ch
events.empa.ch
*.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
*.empa.ch
sontram.empa.ch
certest-win.empa.ch
*.empa.ch
sip.empa.ch
*.empa.ch
sontram.empa.ch
sip.empa.ch
events.empa.ch
adobesync.empa.ch
*.empa.ch
*.empa.ch
certest-win.empa.ch
sonroad18.empa.ch
events.empa.ch
test.empa.ch
*.empa.ch
sontram.empa.ch
test2.empa.ch
sip.empa.ch
certest-win.empa.ch
*.empa.ch
adobesync.empa.ch
sontram.empa.ch
sbc.empa.ch
sonrail.empa.ch
*.empa.ch
*.empa.ch
sonroad18.empa.ch
test.empa.ch
sonrail.empa.ch
sontram.empa.ch
sonroad18.empa.ch
Certificate
The complete raw certificate details for sonrail.empa.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJwzCCB6ugAwIBAgIUEo3KztSe03ZC9Yuq8cmp5VNJwRwwDQYJKoZIhvcNAQEL BQAwUDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEqMCgGA1UE AxMhU3dpc3NTaWduIFJTQSBUTFMgRFYgSUNBIDIwMjEgLSAxMB4XDTIyMTEyODA3 MDExNloXDTIzMTEyODA3MDExNlowGjEYMBYGA1UEAxMPc29ucmFpbC5lbXBhLmNo MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zMCnvKNbYM91SHJgBnn nPvAgZ7iFoay3gvYLJCjO7LZWtsdNWfTWsbZvoJYvlzVNTK0qMPKVA2IWtUFhd4Z BIhzHHKGOWP8I8GWtq+GcNkwrZ64VLUuk5Z+Vuh33Sa6U78hI5H4/mkqjyOO4KKk M3SpGYV/XBhEcrhKxxsiyu9ZhvFd6RhR+jU8mNtZ7Feid4xvIX2AMDBp616oxuDz mVXOrmQS/YLvfXsniZTFvY5T+yK7+cXxbYzTMyWBE3vZ3TyNkI+zYSRxb0xgbid5 UEK//cuu3Wjp9AblFMFXWA3FQU4mgtzzSO8pOPsNq0xhjMEfupiNYGUEydQgyVr3 YQIDAQABo4IFyTCCBcUwLwYDVR0RBCgwJoIPc29ucmFpbC5lbXBhLmNoghN3d3cu c29ucmFpbC5lbXBhLmNoMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFM+FFoOIKkE5d6sPqjuflncZvZ6kMB8G A1UdIwQYMBaAFDyeUnkDY29PnIEb0yhwDCRa6qWHMIH/BgNVHR8EgfcwgfQwR6BF oEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC8zQzlFNTI3OTAzNjM2RjRGOUM4 MTFCRDMyODcwMEMyNDVBRUFBNTg3MIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9y eS5zd2lzc3NpZ24ubmV0L0NOPTNDOUU1Mjc5MDM2MzZGNEY5QzgxMUJEMzI4NzAw QzI0NUFFQUE1ODclMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZv Y2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50 MG8GA1UdIARoMGYwUAYIYIV0AVkCAQEwRDBCBggrBgEFBQcCARY2aHR0cHM6Ly9y ZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduX0NQU19UTFMucGRmMAgG BgQAj3oBBjAIBgZngQwBAgEwgcYGCCsGAQUFBwEBBIG5MIG2MGQGCCsGAQUFBzAC hlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2ktYmluL2F1dGhvcml0eS9kb3dubG9h ZC8zQzlFNTI3OTAzNjM2RjRGOUM4MTFCRDMyODcwMEMyNDVBRUFBNTg3ME4GCCsG AQUFBzABhkJodHRwOi8vb2NzcC5zd2lzc3NpZ24ubmV0LzNDOUU1Mjc5MDM2MzZG NEY5QzgxMUJEMzI4NzAwQzI0NUFFQUE1ODcwggLlBgorBgEEAdZ5AgQCBIIC1QSC AtECzwB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABhL0KRi8A AAQDAEcwRQIgCwUFnXKMfK14U8+bLtTb7XcJNDOay1qQJJ5+wIxPb3kCIQDs5WN9 4qtdTTSF08VjPKJHJV7k8HDlEK16FpIdEYlxCwB1AG9Tdqwx8DEZ2JkApFEV/3cV HBHZAsEAKQaNsgiaN9kTAAABhL0KRRQAAAQDAEYwRAIgHLylBQkoVXKQJpJJF7Ve inZc3GV8+zbIZFpu1qNvSVUCICWbWijzHijpkPmGcHmwTHRVFSIchwPSypHwwkmi e7PSAHcAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGEvQpE2wAA BAMASDBGAiEAhHf1N59IDz4sUV/pQq4iMHhj3zfgdbSzy6IQOpylcLACIQCT08VA 10dg3Ho+w/CyLDHTK5tASJdF7hNUTDhrUQUTqQB2AK33vvp8/xDIi509nB4+GGq0 Zyldz7EMJMqFhjTr3IKKAAABhL0KRiMAAAQDAEcwRQIgHmyFesw/dFJ31oHwHbzV +MOclGh6vNTEgoE+m+F9FT8CIQDpVWERRDJvVe7RlPixScW33Dq9ukDzb2oSS9Ei yB+OmAB1ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABhL0KRokA AAQDAEYwRAIgXf0oZXq5zdB9OdNTSpi9C2jU2K0omWLYgpOzpc1/5rQCIA97jQ6d E5WjrdWIrbuDRly8oKjY6X+U1r4ReVpD5Cv6AHYA6D7Q2j71BjUy51covIlryQPT y9ERa+zraeF3fW0GvW4AAAGEvQpFCgAABAMARzBFAiBaNzMeX4vycCFXoW4CRcCS tGXNwPK22XKH1kraUXmgVQIhALzL+1/GfK0N2OI2Mk5hXdfy1aynkmwTNjDbBLtP eeu/MA0GCSqGSIb3DQEBCwUAA4ICAQB7EeRUBj9Y2YCToq9eTMnSE6RILiAmfVFl OQD9rrvzA0CroyZaX8j0hz22EhVcx48Opo3Swkfd1OgMN8vnimwauMw4G9vBf7MH ltoTlzBGpi/2Us1a8NrUGNUVG3mwJVYdQtlJa/5yax7sykN4FffYUarHfphx+Egv QYfeB1lVIQt3bizlU4UGV2k6cPfI15nxqnnBYbyH96r+agSJS8CrokDTIN7HBknZ HDa2j71dsYHufd8XmFgY+udX5O7WC2a/7jb3lgUJofGj4BIwLNVwmHO1/I0vTPfi fPeXKs52oUYQSCJWbRYTHA4LOJRNIWRw4HruZhXycAzg6zcm6C4IFEejJm6jhTgM qGQzliZID0/TyC3euNk+7pnWtaH1/DGY69R8qsafAwTqywpd80YMCiDrkMJXc67b b7UDPeT5Mpqw0bQ9A6Aq82hFAvJCLGrYppnCSdvHrGqd3B1iKZ7khBcJZ0dVUe5u rwM2XPtd+KsG8/Ndy9vEqgv0soZauP247MN3hr2H7dzehndYZCLavmE9lyX55z5R lMdJF+bX7AL5m+UbmM6cVrWDREj96A4/29LG8Aje2AWuzQ0OLpU723fN/da1h0Hp nrBewasQJmKnb5kcxPiu0Qy6LYv9y/Z8WIKMM/tYL29yvfBLzlAdlNVPvuyA31GQ djRB1YURlA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zMCnvKNbYM91SHJgBnn nPvAgZ7iFoay3gvYLJCjO7LZWtsdNWfTWsbZvoJYvlzVNTK0qMPKVA2IWtUFhd4Z BIhzHHKGOWP8I8GWtq+GcNkwrZ64VLUuk5Z+Vuh33Sa6U78hI5H4/mkqjyOO4KKk M3SpGYV/XBhEcrhKxxsiyu9ZhvFd6RhR+jU8mNtZ7Feid4xvIX2AMDBp616oxuDz mVXOrmQS/YLvfXsniZTFvY5T+yK7+cXxbYzTMyWBE3vZ3TyNkI+zYSRxb0xgbid5 UEK//cuu3Wjp9AblFMFXWA3FQU4mgtzzSO8pOPsNq0xhjMEfupiNYGUEydQgyVr3 YQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 105923906010368737550422289602566528972377145628 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign RSA TLS DV ICA 2021 - 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-28 07:01:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 07:01:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sonrail.empa.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29691155752811217713642461625604034160385722002234299331176568787067160213970135129139623757993690434037925635155058947432243259277631730422903690972461453621055336487514300530823551032754091225730745872664095652464758036292462768364257405142726202154461307356253009317730282693267705341565751958877104315822657377035898311107136601539702242578003698248053344272629818719124840504040435505395117033783834932779607265561260161879789559743645488557623586142277774205365408313763823411899259225236498990912118242881842042510177152986477622895321649621875473439717602742138670004470269853221180652436661076854617235191649 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonrail.empa.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sonrail.empa.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cf851683882a413977ab0faa3b9f967719bd9ea4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3c9e527903636f4f9c811bd328700c245aeaa587 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=3C9E527903636F4F9C811BD328700C245AEAA587%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.2.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://repository.swisssign.com/SwissSign_CPS_TLS.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (185 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.swisssign.net/3C9E527903636F4F9C811BD328700C245AEAA587' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (725 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (721 bytes) 02cf0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000184bd0a462f000004030047304502200b05059d728c7cad7853cf9b2ed4dbed770934339acb5a90249e7ec08c4f6f79022100ece5637de2ab5d4d3485d3c5633ca247255ee4f070e510ad7a16921d1189710b0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000184bd0a4514000004030046304402201cbca505092855729026924917b55e8a765cdc657cfb36c8645a6ed6a36f49550220259b5a28f31e28e990f9867079b04c745515221c8703d2ca91f0c249a27bb3d20077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000184bd0a44db00000403004830460221008477f5379f480f3e2c515fe942ae22307863df37e075b4b3cba2103a9ca570b002210093d3c540d74760dc7a3ec3f0b22c31d32b9b40489745ee13544c386b510513a9007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000184bd0a4623000004030047304502201e6c857acc3f745277d681f01dbcd5f8c39c94687abcd4c482813e9be17d153f022100e955611144326f55eed194f8b149c5b7dc3abdba40f36f6a124bd122c81f8e98007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000184bd0a4689000004030046304402205dfd28657ab9cdd07d39d3534a98bd0b68d4d8ad289962d88293b3a5cd7fe6b402200f7b8d0e9d1395a3add588adbb83465cbca0a8d8e97f94d6be11795a43e42bfa007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000184bd0a450a000004030047304502205a37331e5f8bf2702157a16e0245c092b465cdc0f2b6d97287d64ada5179a055022100bccbfb5fc67cad0dd8e236324e615dd7f2d5aca7926c133630db04bb4f79ebbf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 007b11e454063f58d98093a2af5e4cc9d213a4482e20267d51653900fdaebbf30340aba3265a5fc8f4873db612155cc78f0ea68dd2c247ddd4e80c37cbe78a6c1ab8cc381bdbc17fb30796da13973046a62ff652cd5af0dad418d5151b79b025561d42d9496bfe726b1eecca437815f7d851aac77e9871f8482f4187de075955210b776e2ce553850657693a70f7c8d799f1aa79c161bc87f7aafe6a04894bc0aba240d320dec70649d91c36b68fbd5db181ee7ddf17985818fae757e4eed60b66bfee36f7960509a1f1a3e012302cd5709873b5fc8d2f4cf7e27cf7972ace76a146104822566d16131c0e0b38944d216470e07aee6615f2700ce0eb3726e82e081447a3266ea385380ca864339626480f4fd3c82ddeb8d93eee99d6b5a1f5fc3198ebd47caac69f0304eacb0a5df3460c0a20eb90c25773aedb6fb5033de4f9329ab0d1b43d03a02af3684502f2422c6ad8a699c249dbc7ac6a9ddc1d62299ee484170967475551ee6eaf03365cfb5df8ab06f3f35dcbdbc4aa0bf4b2865ab8fdb8ecc37786bd87eddcde8677586422dabe613d9725f9e73e5194c74917e6d7ec02f99be51b98ce9c56b5834448fde80e3fdbd2c6f008ded805aecd0d0e2e953bdb77cdfdd6b58741e99eb05ec1ab102662a76f991cc4f8aed10cba2d8bfdcbf67c58828c33fb582f6f72bdf04bce501d94d54fbeec80df5190763441d5851194