owl.sr.unh.edu

- Persona Not Validated -

Issued by StartCom Class 1 Primary Intermediate Server CA

About this certificate

This digital certificate with serial number 02:9c:cb was issued on Monday Dec 20, 2010 at 6:59PM by StartCom Ltd..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

We have idenified some issues with this certificate:

KeyUsage [DigitalSignature KeyAgreement KeyEncipherment] (00010101) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

Persona Not Validated

Organization: Persona Not Validated
Organization unit: StartCom Free Certificate Member

Country: US

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing

Country: IL

This certificate has expire since Thursday Dec 22, 2011 at 2:50PM UTC

Certificate Details

Serial Number (hex): 02:9c:cb
Serial Number (int): 171211
Serial Number lenght: 18 bits, 3 octets

SubjectKeyId: 3c:f1:6b:1d:54:96:d8:2d:17:01:95:70:ed:56:24:4c:d1:0d:23:a1
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45

Fingerprint (sha1): d2:82:09:f5:0b:18:5c:47:78:35:0f:19:1d:97:18:75:b7:e5:2f:0c
Fingerprint (sha256): 09:3b:5e:40:9c:9a:15:4f:13:d1:71:20:d9:8b:8f:e5:0c:a9:ef:d8:48:de:e6:1e:ea:03:db:44:4f:ec:80:a6

Issuing Certificate URL: http://www.startssl.com/certs/sub.class1.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class1/server/ca
CRL Distribution Point: http://www.startssl.com/crt1-crl.crl
CRL Distribution Point: http://crl.startssl.com/crt1-crl.crl

Check the revocation status for certificate owl.sr.unh.edu

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for owl.sr.unh.edu

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

Fully Qualified Domain Names

owl.sr.unh.edu

unh.edu

owl.sr.unh.edu
unh.edu

Other certificates including the domain name unh.edu

(limited to 100 certificates)

oak.cs.unh.edu
law.unh.edu
graddevserver.unh.edu
prominence.unh.edu
dpdkdashboard.iol.unh.edu
fammob-test1.unh.edu
media.unh.edu
zeke.sr.unh.edu
leaf.sr.unh.edu
klima.sr.unh.edu
zeke.sr.unh.edu
atcirculation.unh.edu
q.sr.unh.edu
nicldb.unh.edu
ddc.unh.edu
cipher2.unh.edu
wwdrii.sr.unh.edu
*.libproxy.unh.edu
webapps.unh.edu
hcgs.unh.edu
library.unh.edu
apply.unh.edu
wintermute.sr.unh.edu
litwebsitedev.unh.edu
webauthdev.unh.edu
jointagencyvm.sr.unh.edu
tcpalo4-1-mgmt.unh.edu
idmdev.unh.edu
collegiatelink.studentvoice.com
at-training.unh.edu
phenocam.sr.unh.edu
mylogin.law.unh.edu
pacapp.cs.unh.edu
operations.onecampus.com
sirs-actutest.sr.unh.edu
kato.unh.edu
foss.unh.edu
owl.sr.unh.edu
applecore.sr.unh.edu
networking.unh.edu
place.sr.unh.edu
clusters.unh.edu
collegiatelink.studentvoice.com
ea-poe-cert.iol.unh.edu
icebridge.sr.unh.edu
fishercat.sr.unh.edu
rcc.sr.unh.edu
blackstar.sr.unh.edu
unity.unh.edu
idmdev.unh.edu
herculesdome.org
*.ccom.unh.edu
webmail.eos.sr.unh.edu
wsdev.unh.edu
posters.unh.edu
ddc.sr.unh.edu
owl.sr.unh.edu
scholars.unh.edu
bootcamp.unh.edu
nhihpp-backups.sr.unh.edu
appropriations.unh.edu
waterviz.org
nuclear.unh.edu
law.unh.edu
*.libproxy.unh.edu
posters.unh.edu
bootcamp.unh.edu
clockwork.unh.edu
alumni.law.unh.edu
*.iol.unh.edu
admissions.unh.edu
apexdev.unh.edu
marco2.unh.edu
admissions.unh.edu
dawn.sr.unh.edu
www.iol.unh.edu
bugzilla.sr.unh.edu
www.library.unh.edu
www.transfer.unh.edu
ww.vpn.unh.edu
unhconnect.unh.edu
dawn.sr.unh.edu
hastings.unh.edu
akamai-san192.exacttarget.com
mycourses.unh.edu
enterprise.vpn.unh.edu
prc.unh.edu
gradschool.unh.edu
contracts.unh.edu
housingonline.unh.edu
co-gen-gw.unh.edu
lists.unh.edu
ipmall.info
ciceet.unh.edu
saip2.unh.edu
exchange.unh.edu
blackbaudfrogprod.unh.edu
leaf.sr.unh.edu
connect.vpn.unh.edu
www.unh.edu

Certificate

The complete raw certificate details for owl.sr.unh.edu in PEM and ASN.1 format.

Certificate (PEM)

Public Key (PEM)

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 171211
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 Primary Intermediate Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-12-20 18:59:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-12-22 14:50:17 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '318826-ZaT4WNb5sX2joiXK'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Persona Not Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Free Certificate Member'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'owl.sr.unh.edu'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 726481684329317090149969669451267931635012960878315743259752055709056691281950314258137191627457123013759459700664000270136631994444137160931811583190415620553222061797723166819240951335835820476623428383587785662874183202922185236345858416349848444274651996810149762746708355994629618468012260519585818422257819065598695066864803629041866562026948514736554581516396552638414440471139556287961280698661861002123618217981578903706576306102980338628991756951234167856195243055121570927305235009669835887475665381407381509930181346247329185309682583829172681244496440977317897109040807564808441549951891983841610713650465293744441763409709080463539094462839454215747344962655286792931058385747981875522853414100319791888135247319035773383993854588365164008666927445121442092574549272087435948053773726308910222698515674049083708246854984427089997320897232439465562378270889202550048191745803111760837254140349538423062764049113888612362470801150526608350687030251220698747259285577123699189248716105653873142475830640331217216852232506993197831871121734962125385451471870960561367250670502988734380123362356357639563999537176010254727043932361469324466662537522377437016485041941963891313590806125988831294569722355764954214945208963819
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							03a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3cf16b1d5496d82d17019570ed56244cd10d23a1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName eb4234d098b0ab9ff41b6b08f7cc642eef0e2c45
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'owl.sr.unh.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unh.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (313 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/intermediate.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Ltd.'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [76 105 109 105 116 101 100 32 76 105 97 98 105 108 105 116 121 44 32 115 101 101 32 115 101 99 116 105 111 110 32 42 76 101 103 97 108 32 76 105 109 105 116 97 116 105 111 110 115 42 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 101 114 116 105 102 105 99 97 116 105 111 110 32 65 117 116 104 111 114 105 116 121 32 80 111 108 105 99 121 32 97 118 97 105 108 97 98 108 101 32 97 116 32 104 116 116 112 58 47 47 119 119 119 46 115 116 97 114 116 115 115 108 46 99 111 109 47 112 111 108 105 99 121 46 112 100 102]
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/crt1-crl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt1-crl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class1/server/ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/certs/sub.class1.server.ca.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006179f0cea76157b32930576cec1d914ebf4e8c474fe03e4350c07da19d4c2042dd8c467b0ab328cde9d976e4c5ce4b126e5dbce5b2fda95fcc602f65c0ef699d0097531da90fb3ae2d3658dfd2e4c7e56a71821ef527f19ffff1d6ed6837c9b061ac75c726a512c89d9523fd4457ecd092b205e2a4b3c3de9f8183ad9211812db9fbd2a98061625e498a42402b7d8629b658880d6d70d49b270e051d12cb192d1725f8bc431593621c7217492781e396f88c8d3c168c70e6322f49945dc5e61d1b7712b9b0b2edcda98429594bc228a92c0f3253b54791b7cb0179a2e059e0c3ccfd19f974953aad5218430a9d99570e80f78c9805e6039b36e46ca45dd93808