www.zapfinhd.de
Issued by StartCom Class 1 DV Server CA
About this certificate
This digital certificate with serial number 51:0e:98:4b:37:4f:60:47:e3:39:bf:02:0a:dc:4e:89 was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.zapfinhd.de,C=DE
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 51:0e:98:4b:37:4f:60:47:e3:39:bf:02:0a:dc:4e:89Serial Number (int): 107743248700087252268935605469067366025
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 56:45:1c:89:c0:1b:9c:78:02:44:46:07:a1:c2:15:a6:7d:1c:5f:a1
AuthorityKeyId: d7:91:4e:01:c4:b0:bf:f8:c8:67:93:44:9c:e7:33:fa:ad:93:0c:af
Fingerprint (sha1): ee:29:29:77:38:e4:84:ba:f9:23:2d:8a:8a:f3:a1:b2:3c:5b:f8:01
Fingerprint (sha256): 03:1e:32:c7:49:07:ac:e5:d6:89:ec:f8:27:6b:d9:de:a3:be:ab:09:40:f1:09:cd:b9:b3:85:0d:3c:6e:58:c4
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server1.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server1.crl
Check the revocation status for certificate www.zapfinhd.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.zapfinhd.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.zapfinhd.de
zapfinhd.de
zapfinhd.de
Other certificates including the domain name zapfinhd.de
(limited to 100 certificates)
www.zapfinhd.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
www.zapfinhd.de
zapfinhd.de
cherry.dmath.uni-heidelberg.de
cherry.dmath.uni-heidelberg.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
www.zapfinhd.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
www.zapfinhd.de
zapfinhd.de
cherry.dmath.uni-heidelberg.de
cherry.dmath.uni-heidelberg.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
www.zapfinhd.de
anmeldung.zapfinhd.de
cherry.dmath.uni-heidelberg.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
anmeldung.zapfinhd.de
Certificate
The complete raw certificate details for www.zapfinhd.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCjCCBPKgAwIBAgIQUQ6YSzdPYEfjOb8CCtxOiTANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE2MTExNjExMTI0MFoXDTE5MTEx NjExMTI0MFowJzELMAkGA1UEBhMCREUxGDAWBgNVBAMMD3d3dy56YXBmaW5oZC5k ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMqGeHiOwVodGMC4cbsx RMvuHyPYrtnTgMXWO8wiedJHmqe0FrEx9pB/F6MuyE5eVwInojmxGh0V2JCkVBDn 3oaSibP57tiNcze1bol53741weiYGsi1DMbWBOd3Ze37AwTYPAbR1AHlB+xQk/Er jV66YQNsI1noRsXXwTWU6v5O5NkMzFCWDLviGpSXxMWk5gzEh4zRFe22dwdk4lfV v1ToBuWRwJgRgmAi+Es7fJuGMr7ipaT/zVRcz0cgp2YsI7PxB8r4xM4/4jpa153t AHyTYyuGse4DkqMpqL5KWNKuDk9wu98hCxKWmL9LjfjV9PRp6WIkGjkmHjH45Vg9 w5LrQQ7KZQZ7qZeYNHTXmVOXt0ZYoFFuuKGecPu4cYmPe85UCmDPEMS/xEnDzbj9 zqUsGgFMo8xGatqdlSAd3jmtrPEdzeJuH4fX5rIj3mlXQ0YmggQTbwVE/5mah+hv Z7tr9GIOxVqjlNHU3ELn1JKhz4JYb70FuI4PYmvtPzdE96fz9Dp+nN7BYAoX9Kkn J+ENx2PgtRnOdk/GaYyEPtM2u6Jd2h8kJ9CWKBBHK7bFTASGoz3Om5B2CNc3Ibr4 GX5tM10cgtq4Rwe837O8kWx8IcLjxTUg+ZeGzUVIZdJeKGBB0SiUetjMjxJ7XKL+ QZu5Ancdty3EaqfGCVgwerIrAgMBAAGjggHfMIIB2zAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMAkGA1UdEwQCMAAwHQYDVR0O BBYEFFZFHInAG5x4AkRGB6HCFaZ9HF+hMB8GA1UdIwQYMBaAFNeRTgHEsL/4yGeT RJznM/qtkwyvMG8GCCsGAQUFBwEBBGMwYTAkBggrBgEFBQcwAYYYaHR0cDovL29j c3Auc3RhcnRzc2wuY29tMDkGCCsGAQUFBzAChi1odHRwOi8vYWlhLnN0YXJ0c3Ns LmNvbS9jZXJ0cy9zY2Euc2VydmVyMS5jcnQwOAYDVR0fBDEwLzAtoCugKYYnaHR0 cDovL2NybC5zdGFydHNzbC5jb20vc2NhLXNlcnZlcjEuY3JsMCcGA1UdEQQgMB6C D3d3dy56YXBmaW5oZC5kZYILemFwZmluaGQuZGUwIwYDVR0SBBwwGoYYaHR0cDov L3d3dy5zdGFydHNzbC5jb20vMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGCysGAQQB gbU3AQIFMC0wKwYIKwYBBQUHAgEWH2h0dHBzOi8vd3d3LnN0YXJ0c3NsLmNvbS9w b2xpY3kwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAGeA 4Sc7FC5/lP11glwodfPtMzI7GbAJ5/EWgUzKjJni5KxBOlpk+vTXJigqENehsQA2 PJb8tP7cEjaZ+gJRWckxn1Gu5j34fNeMT4YWfUf3SgSDCgZ1S3RtZdXbOiV8ZYB3 azb/+JRPYBECnkPealmw1VPvloczuXq/ukWLIACb7Ul+yFf3NaP8kwQrDXQtIJRd 359EWjSMoa7eq0662ghKO0BsomZz+mdTXDrSJSxlHq5n36f4dvfo5P0UkK9nXRZn fygN+oliAsYypDc2zsIj/inhp6H5k0msejSYSQ5juPlSWRShYoJIpD9J5AziEgqu O9bRhpBDrXsPpPG5zSA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyoZ4eI7BWh0YwLhxuzFE y+4fI9iu2dOAxdY7zCJ50keap7QWsTH2kH8Xoy7ITl5XAieiObEaHRXYkKRUEOfe hpKJs/nu2I1zN7VuiXnfvjXB6JgayLUMxtYE53dl7fsDBNg8BtHUAeUH7FCT8SuN XrphA2wjWehGxdfBNZTq/k7k2QzMUJYMu+IalJfExaTmDMSHjNEV7bZ3B2TiV9W/ VOgG5ZHAmBGCYCL4Szt8m4YyvuKlpP/NVFzPRyCnZiwjs/EHyvjEzj/iOlrXne0A fJNjK4ax7gOSoymovkpY0q4OT3C73yELEpaYv0uN+NX09GnpYiQaOSYeMfjlWD3D kutBDsplBnupl5g0dNeZU5e3RligUW64oZ5w+7hxiY97zlQKYM8QxL/EScPNuP3O pSwaAUyjzEZq2p2VIB3eOa2s8R3N4m4fh9fmsiPeaVdDRiaCBBNvBUT/mZqH6G9n u2v0Yg7FWqOU0dTcQufUkqHPglhvvQW4jg9ia+0/N0T3p/P0On6c3sFgChf0qScn 4Q3HY+C1Gc52T8ZpjIQ+0za7ol3aHyQn0JYoEEcrtsVMBIajPc6bkHYI1zchuvgZ fm0zXRyC2rhHB7zfs7yRbHwhwuPFNSD5l4bNRUhl0l4oYEHRKJR62MyPEntcov5B m7kCdx23LcRqp8YJWDB6sisCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 107743248700087252268935605469067366025 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 DV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-16 11:12:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-16 11:12:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.zapfinhd.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 826231039798800682995660192845459431790666965811259647314939742317586362449404690412793213527710907731175031711739812961007353202623811175425955453928653769971921452278637247482555472025561648027928223439287530294601423439821373447765022647423929643727167815525207506522511126688607698512146776187572391133953433442535700207863559715226968381327851639423871464657085972171865831626026334134514951750035024832698226896270379279141257832650850386855128861330268991762993544080377126224141207209796836603236907368674806104033206346119893204949422274753193723947624330033807806177308960378277751298967861028848139046869823236464983439373387898188032101969127639553690860248020880036733796453387028792873128383941831320210193308581758184720299004919147295789627848548553816741959738765931153966251753075953802340191049488485359452925277429519092181208260433802935053404050913032424819158129255625509079563965878274179478612008234394007406329906735330094014739723467953127375462912857506586832097760871086939453802082224450562773107472656017769128024331482403352818761320507798987744887314059002881766184721398870583693508435015105509181561063145214945230901118123428562733156198923670415155627663501599306171705025480622195223278896460331 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 56451c89c01b9c7802444607a1c215a67d1c5fa1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d7914e01c4b0bff8c86793449ce733faad930caf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zapfinhd.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zapfinhd.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.startssl.com/policy' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006780e1273b142e7f94fd75825c2875f3ed33323b19b009e7f116814cca8c99e2e4ac413a5a64faf4d726282a10d7a1b100363c96fcb4fedc123699fa025159c9319f51aee63df87cd78c4f86167d47f74a04830a06754b746d65d5db3a257c6580776b36fff8944f6011029e43de6a59b0d553ef968733b97abfba458b20009bed497ec857f735a3fc93042b0d742d20945ddf9f445a348ca1aedeab4ebada084a3b406ca26673fa67535c3ad2252c651eae67dfa7f876f7e8e4fd1490af675d16677f280dfa896202c632a43736cec223fe29e1a7a1f99349ac7a3498490e63b8f9525914a1628248a43f49e40ce2120aae3bd6d1869043ad7b0fa4f1b9cd20