*.swissinstitute.net
- Martin Maugeais -
Issued by StartCom Class 2 Primary Intermediate Server CA
About this certificate
This digital certificate with serial number 07:ac:e2:35:87:6b:db was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Martin Maugeais
Organization:
Martin Maugeais
State / Province:
New York
Locality: Brooklyn
Country: US
Locality: Brooklyn
Country: US
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Organization unit: Secure Digital Certificate Signing
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 07:ac:e2:35:87:6b:dbSerial Number (int): 2160412397628379
Serial Number lenght: 51 bits, 7 octets
SubjectKeyId: 49:3a:f9:5d:be:6f:9d:ad:f1:66:1b:5b:6d:b3:8f:c4:97:1a:dc:c9
AuthorityKeyId: 11:db:23:45:fd:54:cc:6a:71:6f:84:8a:03:d7:be:f7:01:2f:26:86
Fingerprint (sha1): e6:b4:53:e6:d3:b9:8b:f6:f5:a8:87:55:28:34:4b:4f:1a:0c:08:09
Fingerprint (sha256): 00:18:2c:dd:5f:7a:6b:a5:8d:19:56:dd:87:30:f3:ee:e5:0d:81:38:e4:8a:b8:c8:f3:97:69:4c:bf:80:6b:b0
Issuing Certificate URL: http://aia.startssl.com/certs/sub.class2.server.ca.crt
Revocation information
OCSP Server: http://ocsp.startssl.com/sub/class2/server/caCRL Distribution Point: http://crl.startssl.com/crt2-crl.crl
Check the revocation status for certificate *.swissinstitute.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.swissinstitute.net
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.swissinstitute.net
swissinstitute.net
swissinstitute.net
Other certificates including the domain name swissinstitute.net
(limited to 100 certificates)
*.swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
www.swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
*.swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
www.swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
*.swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
sni181092.cloudflaressl.com
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
swissinstitute.net
Certificate
The complete raw certificate details for *.swissinstitute.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHoTCCBomgAwIBAgIHB6ziNYdr2zANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UE BhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBE aWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENs YXNzIDIgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMB4XDTE1MDcxNjA2 MTQwN1oXDTE3MDcxNTIyNTUxNlowgZkxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhO ZXcgWW9yazERMA8GA1UEBxMIQnJvb2tseW4xGDAWBgNVBAoTD01hcnRpbiBNYXVn ZWFpczEdMBsGA1UEAxQUKi5zd2lzc2luc3RpdHV0ZS5uZXQxKzApBgkqhkiG9w0B CQEWHHdlYm1hc3RlckBzd2lzc2luc3RpdHV0ZS5uZXQwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQDRaHLmFyBuH2/hwNlDbCRAjQchwWYJ/Nu2wuX3LGfk jb+6SCYgoou8dZZSKr6Y54uCwmLtFkHocqW9P2b5swQb8iHUVSlzElmqzSi0gg5w piV1uJiQXET8znuWpFbiNL4ImZOwm/AkzPmgLH0C8AHeg3COomIe8RbRDSXMeF1J kI2R/YqGjF6sj5VuoI33p5J+j2qhHMJRK0kXtutftxsWs7PKsYWBXTnKZZP7v7e6 9GR/IRL36VNY02j38m7tvTp4yTn3sQJSLcbcGa2y8zYslCl2ZGHghWLTy9X2ZD2c sqV8rC+4emttM0g9zGgQF3zBGZ1n4kjn+LZzsx9NqJTHIdHQ9HgvAGT4OV3fOUz1 TAT14V4OzTx1wlA16JFqy07dTeFdoH/tdniVbrJaeuZyInWg4ijIc8lImp+JwR8X dvtOjgHqr7xyUJLOFSm++qD2hB+60lCRiJrTZFBd8qgB/EHtthyzJV23lbqzHtZ7 Uc2qws2zrYswaWEOGqXqNPZFIHtpWM4A7fPxN4jnDuXSya85cHnDjYFBZtpZJHdr 4G1rXHHgbJkUo9rqdw0LsjoAF6JPbBpjKqa10/NU5lx6rOGgWmq8ljlcf/ezFp1p iToXf+wNnhOhsmNu+TbWpTsSgM9Hic42UZO1vpiBHM4CbdkPP3qeSSbiRfD2t6jM KwIDAQABo4IC9zCCAvMwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0lBBYw FAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBRJOvldvm+drfFmG1tts4/E lxrcyTAfBgNVHSMEGDAWgBQR2yNF/VTManFvhIoD1773AS8mhjAzBgNVHREELDAq ghQqLnN3aXNzaW5zdGl0dXRlLm5ldIISc3dpc3NpbnN0aXR1dGUubmV0MIIBVgYD VR0gBIIBTTCCAUkwCAYGZ4EMAQICMIIBOwYLKwYBBAGBtTcBAgMwggEqMC4GCCsG AQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMIH3Bggr BgEFBQcCAjCB6jAnFiBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAD AgEBGoG+VGhpcyBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29yZGluZyB0byB0 aGUgQ2xhc3MgMiBWYWxpZGF0aW9uIHJlcXVpcmVtZW50cyBvZiB0aGUgU3RhcnRD b20gQ0EgcG9saWN5LCByZWxpYW5jZSBvbmx5IGZvciB0aGUgaW50ZW5kZWQgcHVy cG9zZSBpbiBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5nIHBhcnR5IG9ibGlnYXRp b25zLjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9j cnQyLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6 Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MyL3NlcnZlci9jYTBCBggrBgEF BQcwAoY2aHR0cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMi5z ZXJ2ZXIuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t LzANBgkqhkiG9w0BAQsFAAOCAQEAXv8se5XvoxytZdIQlIui9K7Z5bvO5tfeqi/c TsTHlqFIP+1vBUvhkZE8yBMhpF2Cmtq5kDjsZiUeaMcZznAP43zU7ruGHrX14tQQ nhtSdphVD/jovejrN6hIc0ENKV7lnHTUjJJh3auP65c5D09gtSAQSFCpNBkL5RuA m6gz8cXaNckLi3TKy5Zb0lYZWAT2eFiMg+xbkAl1bX1WsqmibKvqetdrMh3EkaVR nKxW2XMtouIpDT/IXtCSd/IOIoLBzkNWZZXK1zedLBFB4e84On3hU1aJpP+3UeVm sCe/Em3mQRwKxf2bbr6gPq4Cd63DMfIKkdS4dgZAp3DiGwRuIA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0Why5hcgbh9v4cDZQ2wk QI0HIcFmCfzbtsLl9yxn5I2/ukgmIKKLvHWWUiq+mOeLgsJi7RZB6HKlvT9m+bME G/Ih1FUpcxJZqs0otIIOcKYldbiYkFxE/M57lqRW4jS+CJmTsJvwJMz5oCx9AvAB 3oNwjqJiHvEW0Q0lzHhdSZCNkf2KhoxerI+VbqCN96eSfo9qoRzCUStJF7brX7cb FrOzyrGFgV05ymWT+7+3uvRkfyES9+lTWNNo9/Ju7b06eMk597ECUi3G3BmtsvM2 LJQpdmRh4IVi08vV9mQ9nLKlfKwvuHprbTNIPcxoEBd8wRmdZ+JI5/i2c7MfTaiU xyHR0PR4LwBk+Dld3zlM9UwE9eFeDs08dcJQNeiRastO3U3hXaB/7XZ4lW6yWnrm ciJ1oOIoyHPJSJqficEfF3b7To4B6q+8clCSzhUpvvqg9oQfutJQkYia02RQXfKo AfxB7bYcsyVdt5W6sx7We1HNqsLNs62LMGlhDhql6jT2RSB7aVjOAO3z8TeI5w7l 0smvOXB5w42BQWbaWSR3a+Bta1xx4GyZFKPa6ncNC7I6ABeiT2waYyqmtdPzVOZc eqzhoFpqvJY5XH/3sxadaYk6F3/sDZ4TobJjbvk21qU7EoDPR4nONlGTtb6YgRzO Am3ZDz96nkkm4kXw9reozCsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2160412397628379 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-07-16 06:14:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-15 22:55:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brooklyn' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Martin Maugeais' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.swissinstitute.net' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 854310118117750503403149851936269760796765333537706450433799335917657267316666201964137242543075791306018640050116761240066013396884422911988441194766726018488284191214436696143271270123253467422559898243898141701757519847611988133054297023307812469772242457245978452943184398331622637883740951536084307210190160151719725367115306342409292742743831088843020935451307478488404762718152954042012438325971824057595572863888640742194758184234134338583262787345242276719063110201870267134540816044112650922933662613192667689264697454685176773253052865862161790187966906122490510340479078283928457201198876783716166001230764409083931244879188421371914016046670567233593630787665163342107479146820450814100978241040521635122946961416641238225056319519229695247291824665538664864557013168433796022466895323261380746212106384041211241694337337185482471263634457650004622414715133795239492909307061601668476832438994469600484775289004833257841648578299356651108208342327080751702644525036352734474409135363214107590637344754162306963584512812029482071369658731533367309706011780415396023660418585145106692448226499282996318079508517534556139977854389667731078108250190964713099647147268259543340563693986901496635918124005524954726974857202731 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 493af95dbe6f9dadf1661b5b6db38fc4971adcc9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 11db2345fd54cc6a716f848a03d7bef7012f2686 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.swissinstitute.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'swissinstitute.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 50 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt2-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class2/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class2.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005eff2c7b95efa31cad65d210948ba2f4aed9e5bbcee6d7deaa2fdc4ec4c796a1483fed6f054be191913cc81321a45d829adab99038ec66251e68c719ce700fe37cd4eebb861eb5f5e2d4109e1b527698550ff8e8bde8eb37a84873410d295ee59c74d48c9261ddab8feb97390f4f60b520104850a934190be51b809ba833f1c5da35c90b8b74cacb965bd256195804f678588c83ec5b9009756d7d56b2a9a26cabea7ad76b321dc491a5519cac56d9732da2e2290d3fc85ed09277f20e2282c1ce43566595cad7379d2c1141e1ef383a7de1535689a4ffb751e566b027bf126de6411c0ac5fd9b6ebea03eae0277adc331f20a91d4b8760640a770e21b046e20