leben.nationalesuisse.ch

- Helvetia Swiss Insurance Company Ltd -

Issued by SwissSign Server Gold CA 2014 - G22

About this certificate

This digital certificate with serial number 45:16:9a:35:ac:83:d3:10:cc:d3:ba:c1:fb:b1:2c:75:e8:a5:41:72 was issued on by SwissSign AG.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Helvetia Swiss Insurance Company Ltd

Organization: Helvetia Swiss Insurance Company Ltd
State / Province: St. Gallen
Locality: St. Gallen
Country: CH

SwissSign AG

Organization: SwissSign AG
Country: CH

This certificate has expire since

Certificate Details

Serial Number (hex): 45:16:9a:35:ac:83:d3:10:cc:d3:ba:c1:fb:b1:2c:75:e8:a5:41:72
Serial Number (int): 394424413137523225851864327588934496077520126322
Serial Number lenght: 159 bits, 20 octets

SubjectKeyId: 40:03:0d:d3:27:8d:65:17:07:66:4a:39:d6:70:70:05:60:5e:bf:90
AuthorityKeyId: e7:f1:e7:fd:2e:53:ad:11:e5:81:1a:57:a4:73:8f:12:7d:98:c8:ae

Fingerprint (sha1): a8:b0:e5:33:17:d5:2f:fb:c3:56:c7:d4:41:7d:9c:91:51:81:13:28
Fingerprint (sha256): ef:19:ad:36:09:ba:85:e0:a8:59:48:8a:d4:85:bb:38:f0:e6:74:d6:c8:89:5f:03:6e:d8:f2:c1:7a:e5:e9:2e

Issuing Certificate URL: http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE

Revocation information

OCSP Server: http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE
CRL Distribution Point: ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint

Check the revocation status for certificate leben.nationalesuisse.ch

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for leben.nationalesuisse.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

leben.nationalesuisse.ch

Other certificates including the domain name nationalesuisse.ch

(limited to 100 certificates)
leben.nationalesuisse.ch
www.nationalesuisse.ch
www.nationalesuisse.ch
swissforms.nationalesuisse.ch
*.nationalesuisse.ch
extranet.nationalesuisse.ch
www.nationalesuisse.ch
leben.nationalesuisse.ch
nationalesuisse.ch
elmnet.nationalesuisse.ch
mobile11.nationalesuisse.ch
www.nationalesuisse.ch
www.nationalesuisse.ch
mobile01.nationalesuisse.ch
mobile10.nationalesuisse.ch
extranet.nationalesuisse.ch
decla.nationalesuisse.ch
karriere.nationalesuisse.ch
www.nationalesuisse.ch
*.nationalesuisse.ch
bsse.nationalesuisse.ch
karriere.nationalesuisse.ch
eplink.nationalesuisse.ch
igb2b.nationalesuisse.ch
extranet.nationalesuisse.ch
mobile11.nationalesuisse.ch
*.nationalesuisse.ch
swissforms.nationalesuisse.ch
leben.nationalesuisse.ch
www.nationalesuisse.ch
leben.nationalesuisse.ch
karriere.nationalesuisse.ch
leben.nationalesuisse.ch
www.nationalesuisse.ch
leben.nationalesuisse.ch
*.nationalesuisse.ch

Certificate

The complete raw certificate details for leben.nationalesuisse.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIITDCCBzSgAwIBAgIURRaaNayD0xDM07rB+7EsdeilQXIwDQYJKoZIhvcNAQEL
BQAwUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoGA1UE
AxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwHhcNMTkwNDI1
MDYzNzI2WhcNMjEwNDI1MDYzNzI2WjCBiTELMAkGA1UEBhMCQ0gxEzARBgNVBAgT
ClN0LiBHYWxsZW4xEzARBgNVBAcTClN0LiBHYWxsZW4xLTArBgNVBAoTJEhlbHZl
dGlhIFN3aXNzIEluc3VyYW5jZSBDb21wYW55IEx0ZDEhMB8GA1UEAxMYbGViZW4u
bmF0aW9uYWxlc3Vpc3NlLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzI9lsotITP2juWn9fqWRl/bCAL3LPiq44s+ApDdz4ZqNHRmlnY1qm269HEb2
CjIsdDtyNoy28cAM4tYTaHvMKu9guzAiOA00bLnO5Xl9yTeyZbt7qhZXJw+0nw1q
0p5rQl709T5/57ZGoEEJCmREp+w47KjhLsuvC7Wc2Il7oDS0Kxd93xr1yut53Zzi
jBk2K919cnI9qYODtxPq0YlVJ+MHPnhPzQtu3I6TFzub1uEgr5gDQAapt8vzbDbz
xabfKhXLogGhAstZyO7dRTt9fI8zjVhincaj1d/JbnIIr3ieUSbBcYDJs6ArCEuE
g+ArGQBsPSSUkdid5e40+CB5eQIDAQABo4IE4DCCBNwwIwYDVR0RBBwwGoIYbGVi
ZW4ubmF0aW9uYWxlc3Vpc3NlLmNoMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFEADDdMnjWUXB2ZKOdZwcAVg
Xr+QMB8GA1UdIwQYMBaAFOfx5/0uU60R5YEaV6RzjxJ9mMiuMIH/BgNVHR8Egfcw
gfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC9FN0YxRTdGRDJFNTNB
RDExRTU4MTFBNTdBNDczOEYxMjdEOThDOEFFMIGooIGloIGihoGfbGRhcDovL2Rp
cmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPUU3RjFFN0ZEMkU1M0FEMTFFNTgxMUE1
N0E0NzM4RjEyN0Q5OEM4QUUlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNh
dGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlv
blBvaW50MHMGA1UdIARsMGowVAYJYIV0AVkBAgELMEcwRQYIKwYBBQUHAgEWOWh0
dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduLUdvbGQtQ1At
Q1BTLnBkZjAIBgYEAI96AQcwCAYGZ4EMAQICMIHVBggrBgEFBQcBAQSByDCBxTBk
BggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3Jp
dHkvZG93bmxvYWQvRTdGMUU3RkQyRTUzQUQxMUU1ODExQTU3QTQ3MzhGMTI3RDk4
QzhBRTBdBggrBgEFBQcwAYZRaHR0cDovL2dvbGQtc2VydmVyLWcyLm9jc3Auc3dp
c3NzaWduLm5ldC9FN0YxRTdGRDJFNTNBRDExRTU4MTFBNTdBNDczOEYxMjdEOThD
OEFFMIIB9QYKKwYBBAHWeQIEAgSCAeUEggHhAd8AdgBElGUusO7Or8RAB9io/ijA
2uaCvtjLMbU/0zOWtbaBqAAAAWpTNpspAAAEAwBHMEUCIEQLDbzTMg+SOHucyWSd
RSHv+odmLsHL/RT9p57CG9P8AiEAurhReaVbMCXP/jPzVmRskkNVE9mzn1z1FEeq
ZAei9CYAdQBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWpTNpvX
AAAEAwBGMEQCIC+u5dndhGceaKwdxGVJczAfWNEjxl+Er8NLpBozoi0lAiBAuoEl
xUgEIdFYKdDgIpBtZt0cVBPsbgECthWAXh398gB2ALvZ37wfinG1k5Qjl6qSe0c4
V5UKq1LoGpCWZDaOHtGFAAABalM2mpMAAAQDAEcwRQIgLkQW4gA5hG/x53vPGLtc
oOD+mCTVrDb8rf9a60Y+EHICIQDNf/OwKt8E9GSsTVTd75cbGqWapINuQAx5RCkq
Z4SmCAB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABalM2mlMA
AAQDAEcwRQIgV0WW2mZPJz0qsF0n0xUs8bxd7wV1ROMdLWVElTtzwJICIQDxI2O+
37HVe6UNyDL/gCueWMV8DLd1a1NCnDuFhxT6ZTANBgkqhkiG9w0BAQsFAAOCAQEA
AQtDf5yFxfMwtZoKkuF13jvOddzOIueDWxwXxDca5c+mI7ZGGqTzqXD3mGKUvfR9
qtVYM5RWA+O6NwlnlCMotSN+vywZ0O2P8aAiPfjEYbZlOLuQWyVLFbKfjEsL3W4i
5QkR2KJ7tpuyDRND4tWsn3A2dBJWtnEaPIKanTl5kFU7YTwuowHYGis5AxWJZbLx
ZCsVFs84rB0u5n3T9/z8EcGnwMrf93aIL2u8UVdynq+BvJDtdwPU7fstId0++Zml
M7IDQOJU67koeHpoRx4c9rOf326dbAs6t1z9fQnvKwkgj3uplkwwAKwsOw6ucntd
LBMXQGQ8Fciw5zZ+MM+oSw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI9lsotITP2juWn9fqWR
l/bCAL3LPiq44s+ApDdz4ZqNHRmlnY1qm269HEb2CjIsdDtyNoy28cAM4tYTaHvM
Ku9guzAiOA00bLnO5Xl9yTeyZbt7qhZXJw+0nw1q0p5rQl709T5/57ZGoEEJCmRE
p+w47KjhLsuvC7Wc2Il7oDS0Kxd93xr1yut53ZzijBk2K919cnI9qYODtxPq0YlV
J+MHPnhPzQtu3I6TFzub1uEgr5gDQAapt8vzbDbzxabfKhXLogGhAstZyO7dRTt9
fI8zjVhincaj1d/JbnIIr3ieUSbBcYDJs6ArCEuEg+ArGQBsPSSUkdid5e40+CB5
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 394424413137523225851864327588934496077520126322
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SwissSign Server Gold CA 2014 - G22'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-25 06:37:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-25 06:37:26 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St. Gallen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St. Gallen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Helvetia Swiss Insurance Company Ltd'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'leben.nationalesuisse.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25823326035286077905736822731479209261744073794155945904440790581711487928317825700600437772918240527455123043229971193944777469435198697270728659524388290860739735598891519570556627557634258709022593586615373110855827351658278610171529527923080966815584632242096493371288999236344542461940617597098372109630315008426653155730954907284399756490386259992992787745533217958804847077721812555531835557852129046579081756745097893620614543024990438230436239657682917826511621608346949243843607564335634950076930658153903826507068287203559139462151936055656729134796645593773558407270889352990288748136886135439244398721401
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'leben.nationalesuisse.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							40030dd3278d651707664a39d6707005605ebf90
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e7f1e7fd2e53ad11e5811a57a4738f127d98c8ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://directory.swisssign.net/CN=E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE%2CO=SwissSign%2CC=CH?certificateRevocationList?base?objectClass=cRLDistributionPoint'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.756.1.89.1.2.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://repository.swisssign.com/SwissSign-Gold-CP-CPS.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.4.0.2042.1.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (200 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://swisssign.net/cgi-bin/authority/download/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gold-server-g2.ocsp.swisssign.net/E7F1E7FD2E53AD11E5811A57A4738F127D98C8AE'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes)
							01df0076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016a53369b2900000403004730450220440b0dbcd3320f92387b9cc9649d4521effa87662ec1cbfd14fda79ec21bd3fc022100bab85179a55b3025cffe33f356646c92435513d9b39f5cf51447aa6407a2f4260075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016a53369bd7000004030046304402202faee5d9dd84671e68ac1dc4654973301f58d123c65f84afc34ba41a33a22d25022040ba8125c5480421d15829d0e022906d66dd1c5413ec6e0102b615805e1dfdf2007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016a53369a93000004030047304502202e4416e20039846ff1e77bcf18bb5ca0e0fe9824d5ac36fcadff5aeb463e1072022100cd7ff3b02adf04f464ac4d54ddef971b1aa59aa4836e400c7944292a6784a608007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016a53369a5300000403004730450220574596da664f273d2ab05d27d3152cf1bc5def057544e31d2d6544953b73c092022100f12363bedfb1d57ba50dc832ff802b9e58c57c0cb7756b53429c3b858714fa65
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00010b437f9c85c5f330b59a0a92e175de3bce75dcce22e7835b1c17c4371ae5cfa623b6461aa4f3a970f7986294bdf47daad55833945603e3ba370967942328b5237ebf2c19d0ed8ff1a0223df8c461b66538bb905b254b15b29f8c4b0bdd6e22e50911d8a27bb69bb20d1343e2d5ac9f7036741256b6711a3c829a9d397990553b613c2ea301d81a2b3903158965b2f1642b1516cf38ac1d2ee67dd3f7fcfc11c1a7c0cadff776882f6bbc5157729eaf81bc90ed7703d4edfb2d21dd3ef999a533b20340e254ebb928787a68471e1cf6b39fdf6e9d6c0b3ab75cfd7d09ef2b09208f7ba9964c3000ac2c3b0eae727b5d2c131740643c15c8b0e7367e30cfa84b