mail.galeos.eu

- GALEOS a.s. -

Issued by StartCom Class 3 OV Server CA

About this certificate

This digital certificate with serial number 67:95:14:79:6e:3e:fc:50:65:be:30:bf:06:d0:3e:6a was issued on by StartCom Ltd..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

GALEOS a.s.

Organization: GALEOS a.s.
State / Province: Praha
Locality: Prague
Country: CZ

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: StartCom Certification Authority
Country: IL

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 67:95:14:79:6e:3e:fc:50:65:be:30:bf:06:d0:3e:6a
Serial Number (int): 137684551066687257485725123382105620074
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 30:79:04:e4:15:e9:a2:cc:06:a1:ba:f5:cf:b8:41:69:e6:21:36:77
AuthorityKeyId: b1:3f:1c:92:7b:92:b0:5a:25:b3:38:fb:9c:07:a4:26:50:32:e3:51

Fingerprint (sha1): d9:75:f9:14:36:1a:c9:aa:5e:2e:82:fe:6e:82:54:60:c5:9f:10:0a
Fingerprint (sha256): 00:0c:dd:73:57:72:6a:86:94:d5:6b:98:8c:6b:d2:05:81:3c:d4:72:a4:cf:6b:0a:fb:e5:ee:92:58:83:13:44

Issuing Certificate URL: http://aia.startssl.com/certs/sca.server3.crt

Revocation information

OCSP Server: http://ocsp.startssl.com
CRL Distribution Point: http://crl.startssl.com/sca-server3.crl

Check the revocation status for certificate mail.galeos.eu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mail.galeos.eu


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mail.galeos.eu

Certificate

The complete raw certificate details for mail.galeos.eu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIQZ5UUeW4+/FBlvjC/BtA+ajANBgkqhkiG9w0BAQsFADB4
MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg
U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0
Q29tIENsYXNzIDMgT1YgU2VydmVyIENBMB4XDTE2MDgwMTA4MDkwOVoXDTE5MDgw
MTA4MDkwOVowXTELMAkGA1UEBhMCQ1oxDjAMBgNVBAgMBVByYWhhMQ8wDQYDVQQH
DAZQcmFndWUxFDASBgNVBAoMC0dBTEVPUyBhLnMuMRcwFQYDVQQDDA5tYWlsLmdh
bGVvcy5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTH4HMG1jgt
awhvn14iFyXsWAgl4sK46RQipQdzodzoEh0wLUU0/AqEz5EgTyJfIlrn1SSYSSJ+
syUFg5NhuG4nmaQ3EEI9/o8JJqbhXnC5IIfMZI0Ql372bsMfrISVDkwX0uFEJ0Zy
242m8WoFvyULf5W3Js1KPpYswyXBtQ2V8Gwp3AYJxStAp18Wpsu2IuFcaMn9ZrSL
KUOTY4tkgj4c8daYD4xmnIcv1eeNB1GdHUB1xevRkqaGEJYr4eyjvrSkVx8bgItg
ktUPuOisMdTX5KTuD2ChwypaXRBS2PpMfUW6dN/VOmph62MrPc9HhN0SgQcespK1
opYRO7vIcHUCAwEAAaOCAsUwggLBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU
BggrBgEFBQcDAgYIKwYBBQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUMHkE5BXp
oswGobr1z7hBaeYhNncwHwYDVR0jBBgwFoAUsT8cknuSsFolszj7nAekJlAy41Ew
bwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5zdGFydHNz
bC5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRz
L3NjYS5zZXJ2ZXIzLmNydDA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLnN0
YXJ0c3NsLmNvbS9zY2Etc2VydmVyMy5jcmwwGQYDVR0RBBIwEIIObWFpbC5nYWxl
b3MuZXUwIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMFEGA1Ud
IARKMEgwCAYGZ4EMAQICMDwGCysGAQQBgbU3AQIFMC0wKwYIKwYBBQUHAgEWH2h0
dHBzOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kwggEFBgorBgEEAdZ5AgQCBIH2
BIHzAPEAdwBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVZFSiHd
AAAEAwBIMEYCIQDI4e2ojkvv2KwJ4gQK0r0tfRk1g/zltEhBcgtNIuI6zwIhAOhL
IdtIRlj8d1rOtWvto+nu5WyQmlNM0dzA11dHVvQeAHYApLkJkLQYWBSHuxOizGdw
Cjw1mAT5G9+443fNDsgN3BAAAAFWRUoixgAABAMARzBFAiBWh/29pJCveFUxR9nD
aHau+28iL0WAzE6NTj1VhaXhBgIhAN875BBkc7nYWXc8M1tMoR1BS7ZAB9MpHESC
8OARDVp5MA0GCSqGSIb3DQEBCwUAA4IBAQCheDIhdlAt0g+/vULbsA5QWx3psEzi
gpJsNVZMKmEalFGQM0UY5mgVvJwPljJf7qwlEt6Rv6XwQlO5se0cJn3JeucMtKr0
yUPe9YMIcrBnFfwOAOjHrk7BiABM1hQhYYrK2yqRBmDDrmjb2NUVTyI2iWCVqi88
41Kb36ZgcH8f04HiDx1I8bDJDUPshHIsCeOkJxQNiaroYAsRUYjz5fsHxiaWrzH2
vAHv4FMPZtBDtruqyAH8vdiIYOhK6aCeA4VBFsL8vFshxs/kHXtEwiSmjTf4qQIz
eyfZC5AgHbj6t69iUTDYzYArr2A35ZB6AxFiBJX3FJGhl9L4wVjyWCpm
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMfgcwbWOC1rCG+fXiIX
JexYCCXiwrjpFCKlB3Oh3OgSHTAtRTT8CoTPkSBPIl8iWufVJJhJIn6zJQWDk2G4
bieZpDcQQj3+jwkmpuFecLkgh8xkjRCXfvZuwx+shJUOTBfS4UQnRnLbjabxagW/
JQt/lbcmzUo+lizDJcG1DZXwbCncBgnFK0CnXxamy7Yi4Vxoyf1mtIspQ5Nji2SC
Phzx1pgPjGachy/V540HUZ0dQHXF69GSpoYQlivh7KO+tKRXHxuAi2CS1Q+46Kwx
1NfkpO4PYKHDKlpdEFLY+kx9Rbp039U6amHrYys9z0eE3RKBBx6ykrWilhE7u8hw
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 137684551066687257485725123382105620074
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 3 OV Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-01 08:09:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-01 08:09:09 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Praha'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Prague'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GALEOS a.s.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'mail.galeos.eu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22821457795353658988426756659297976388759328809978418576303563184445698138066259352074941437791819272291807744633271770683836205155082245936739430127675847395490333261064127063000024735166866789747536866744421970201963685403501511832232536196486098467123434841623996756387654170945429456581601469955673811523687866421190009961488890897674438934404171079210489347568094392359197204900775621106103923025696540226114920390598845688209964537538682011443264139494741138808917902728247083363337465536506250217260265535723630226170663989330466553184887470038798108073023553052898002967919554004825922937040128252066652516469
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							307904e415e9a2cc06a1baf5cfb84169e6213677
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b13f1c927b92b05a25b338fb9c07a4265032e351
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server3.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.galeos.eu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.startssl.com/policy'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000156454a21dd0000040300483046022100c8e1eda88e4befd8ac09e2040ad2bd2d7d193583fce5b44841720b4d22e23acf022100e84b21db484658fc775aceb56beda3e9eee56c909a534cd1dcc0d7574756f41e007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000156454a22c6000004030047304502205687fdbda490af78553147d9c36876aefb6f222f4580cc4e8d4e3d5585a5e106022100df3be4106473b9d859773c335b4ca11d414bb64007d3291c4482f0e0110d5a79
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a178322176502dd20fbfbd42dbb00e505b1de9b04ce282926c35564c2a611a945190334518e66815bc9c0f96325feeac2512de91bfa5f04253b9b1ed1c267dc97ae70cb4aaf4c943def5830872b06715fc0e00e8c7ae4ec188004cd61421618acadb2a910660c3ae68dbd8d5154f2236896095aa2f3ce3529bdfa660707f1fd381e20f1d48f1b0c90d43ec84722c09e3a427140d89aae8600b115188f3e5fb07c62696af31f6bc01efe0530f66d043b6bbaac801fcbdd88860e84ae9a09e03854116c2fcbc5b21c6cfe41d7b44c224a68d37f8a902337b27d90b90201db8fab7af625130d8cd802baf6037e5907a0311620495f71491a197d2f8c158f2582a66