www.humlnet.cz

Issued by StartCom Class 2 Primary Intermediate Server CA

About this certificate


This digital certificate with serial number 01:df:37 was issued on by StartCom Ltd. .

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])
  • ERROR: Certificate has key usage [KeyAgreement] set

HUMLNET s.r.o.

Organization: HUMLNET s.r.o.
State / Province: Trutnov
Locality: Trutnov
Country: CZ

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
State / Province: Trutnov
Locality: Trutnov
Country: CZ

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:df:37
Serial Number (int): 122679
Serial Number lenght: 17 bits, 3 octets

SubjectKeyId: dd:5e:be:d2:25:27:44:da:37:5b:2a:9b:af:34:1f:bd:67:0e:68:28
AuthorityKeyId: 11:db:23:45:fd:54:cc:6a:71:6f:84:8a:03:d7:be:f7:01:2f:26:86

Fingerprint (sha1): 6c:5f:6c:15:b9:74:92:c9:0d:05:95:e9:8b:3c:77:7b:2a:f3:ee:ac
Fingerprint (sha256): 5d:1c:c3:eb:54:03:5e:bd:0a:3f:66:31:6e:18:ea:75:ac:bb:a1:41:d5:98:1b:53:7e:15:17:61:ec:03:8c:15

Issuing Certificate URL: http://aia.startssl.com/certs/sub.class2.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class2/server/ca
CRL Distribution Point: http://crl.startssl.com/crt2-crl.crl

Check the revocation status for the current certificate on www.humlnet.cz
9
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.humlnet.cz
humlnet.cz
*.humlnet.cz
humlak.cz
www.humlak.cz
*.humlak.cz
hdinternet.cz
www.hdinternet.cz
*.hdinternet.cz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIIATCCBumgAwIBAgIDAd83MA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MiBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwMTIxMTMyODIw WhcNMTYwMTIzMDQzMzQwWjCBoDEZMBcGA1UEDRMQekFOdjBZVzhjQTVnMmI4ejEL MAkGA1UEBhMCQ1oxEDAOBgNVBAgTB1RydXRub3YxEDAOBgNVBAcTB1RydXRub3Yx FzAVBgNVBAoTDkhVTUxORVQgcy5yLm8uMRcwFQYDVQQDEw53d3cuaHVtbG5ldC5j ejEgMB4GCSqGSIb3DQEJARYRZG9tZW55QGh1bWxuZXQuY3owggIiMA0GCSqGSIb3 DQEBAQUAA4ICDwAwggIKAoICAQC2g7VOFTFCnfNo9fsRKvQ8WDDl1MfUcFhXj9tK vuO5HbCxml4VYSLEjdwR1tUIJ6nnTJzEIBkaqbI3zFtp8kX1MBRcN3tyg5MmrTuL hmIEHS7tQqJWefrTxcw/gWPCENZXD81SrbF2XkiAuV8lPnSfetytFPVKMuNStRHe Z8tgbA1vuJ+geNyBP7g2HBvw5yeoHnAh9/ls/Udo3xxMqqeFRcUEgQDUSGAs4I4X MydPhiKoHhThd12ODFzWZZGTEm+kIj3r2uUE/P4E5H5hcYVem1VhVE/k4fKzEvAA BrL7Y81N0zZwR4dnA1g6MF5E8ec8HOOMCky9c4BhtXIfMPbo6MVoyVGnQ03/x6Hc yOAErwPPiW9AG5tgmqCn2Rn0spSt7S1gD7YVZ1Oam4Ne6bA2gpIt0hIprpjhLG21 QFz5kCLc9U1Gi9C7McO2SjiNhGJaMuXt0rl8gvmlAhi+88Zc7n0sXSBPhWonSHme 5lFDidrb3ZE4TTP23OPH9dLI3Jk8uS+PjnrqWDVbRaGnE7nnUsd9qsA8rM71FHM6 rpCR7orVDKrrwLZB64g02ZEGAdMQip/XsiLrSxLg2Y1/PTjMYpK7rladb6/V0YGN Rb/8aGTiuL+HC/zFJaA7nkSkzRKVqxNvp+XeMdPqKu194mIgtfjc0IDce9mg6IIP +hn9XwIDAQABo4IDVDCCA1AwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0l BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBTdXr7SJSdE2jdbKpuv NB+9Zw5oKDAfBgNVHSMEGDAWgBQR2yNF/VTManFvhIoD1773AS8mhjCBjwYDVR0R BIGHMIGEgg53d3cuaHVtbG5ldC5jeoIKaHVtbG5ldC5jeoIMKi5odW1sbmV0LmN6 gglodW1sYWsuY3qCDXd3dy5odW1sYWsuY3qCCyouaHVtbGFrLmN6gg1oZGludGVy bmV0LmN6ghF3d3cuaGRpbnRlcm5ldC5jeoIPKi5oZGludGVybmV0LmN6MIIBVgYD VR0gBIIBTTCCAUkwCAYGZ4EMAQICMIIBOwYLKwYBBAGBtTcBAgMwggEqMC4GCCsG AQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMIH3Bggr BgEFBQcCAjCB6jAnFiBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAD AgEBGoG+VGhpcyBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29yZGluZyB0byB0 aGUgQ2xhc3MgMiBWYWxpZGF0aW9uIHJlcXVpcmVtZW50cyBvZiB0aGUgU3RhcnRD b20gQ0EgcG9saWN5LCByZWxpYW5jZSBvbmx5IGZvciB0aGUgaW50ZW5kZWQgcHVy cG9zZSBpbiBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5nIHBhcnR5IG9ibGlnYXRp b25zLjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9j cnQyLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6 Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MyL3NlcnZlci9jYTBCBggrBgEF BQcwAoY2aHR0cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMi5z ZXJ2ZXIuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t LzANBgkqhkiG9w0BAQUFAAOCAQEAGViog+FN1ykLWDWONl99RTUpSLeuEzz36muu DcmFxIXAarlyJ4P7HFgFjj0vWtvOqNXn7YKfv9axr6aEOTyd8TCX4BFykTm8RgwX I0S4sBkwOcNobHQHfupi0TFWDMmK1Xgv8F5+fGAMOnvyd6Ay89BAzBvPiosiYKr7 ziAOX0ztORbuVYU8DM6BsaKFwj2DWrp7x6yW10CAxSgHbSAasP1E5+cxtinVSPxj yqFgiJzxAYp1I/zQPMO65EYIGW//xlwHAAnqj0mxOlvsPaOVV9pw+fCktMfwUMN2 trBKuaT1f8qSa7NM+lboO0yXSmBcZKMbZ2Ex/bypziK1HHQ0GQ== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtoO1ThUxQp3zaPX7ESr0 PFgw5dTH1HBYV4/bSr7juR2wsZpeFWEixI3cEdbVCCep50ycxCAZGqmyN8xbafJF 9TAUXDd7coOTJq07i4ZiBB0u7UKiVnn608XMP4FjwhDWVw/NUq2xdl5IgLlfJT50 n3rcrRT1SjLjUrUR3mfLYGwNb7ifoHjcgT+4Nhwb8OcnqB5wIff5bP1HaN8cTKqn hUXFBIEA1EhgLOCOFzMnT4YiqB4U4Xddjgxc1mWRkxJvpCI969rlBPz+BOR+YXGF XptVYVRP5OHysxLwAAay+2PNTdM2cEeHZwNYOjBeRPHnPBzjjApMvXOAYbVyHzD2 6OjFaMlRp0NN/8eh3MjgBK8Dz4lvQBubYJqgp9kZ9LKUre0tYA+2FWdTmpuDXumw NoKSLdISKa6Y4SxttUBc+ZAi3PVNRovQuzHDtko4jYRiWjLl7dK5fIL5pQIYvvPG XO59LF0gT4VqJ0h5nuZRQ4na292ROE0z9tzjx/XSyNyZPLkvj4566lg1W0WhpxO5 51LHfarAPKzO9RRzOq6Qke6K1Qyq68C2QeuINNmRBgHTEIqf17Ii60sS4NmNfz04 zGKSu65WnW+v1dGBjUW//Ghk4ri/hwv8xSWgO55EpM0SlasTb6fl3jHT6irtfeJi ILX43NCA3HvZoOiCD/oZ/V8CAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 122679 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-01-21 13:28:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-23 04:33:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'zANv0YW8cA5g2b8z' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trutnov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trutnov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HUMLNET s.r.o.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.humlnet.cz' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 744594137057172021183111121369821100860578708591945849147272908229001435577734601909325037205150103625577601442540473360393231708226199735214602063738681496613015143347038697635736581165240942450651088010750874046856321584397581995687820419920725407215442259293767425761237751909791803813873640274604178569853231697575539625194008056158198352340180267331129928903066040990724181785359635498270835184764388695404344739680803501407659095074979116749502414249789274815478059133321500039352243243598336013930884586157400196283798425475679795589970423089677333434334737839052015620918069146856666027132997776727412110306251702191201955510759049403486828218698273786951286109357557451327664105142723096524624891950570261949423493068321279542332789656911678734749055521193597969857126870451678123847347647661071472328863471761476473089291624070378574127041980684220445823081048373842429338136349119234197458189962101127452834746362284630064528270036207630297130230306967884528253113872387526989897966989584290106130049931528546701617228058167832034482387955039096910830014591285737284461350623756092322153666763846676666703645251518259203854479248140896607324698107889293923437705124115783492752431923154556670725106130211974420966256803167 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dd5ebed2252744da375b2a9baf341fbd670e6828 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 11db2345fd54cc6a716f848a03d7bef7012f2686 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.humlnet.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'humlnet.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.humlnet.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'humlak.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.humlak.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.humlak.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hdinternet.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hdinternet.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hdinternet.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 50 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt2-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class2/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class2.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001958a883e14dd7290b58358e365f7d45352948b7ae133cf7ea6bae0dc985c485c06ab9722783fb1c58058e3d2f5adbcea8d5e7ed829fbfd6b1afa684393c9df13097e011729139bc460c172344b8b0193039c3686c74077eea62d131560cc98ad5782ff05e7e7c600c3a7bf277a032f3d040cc1bcf8a8b2260aafbce200e5f4ced3916ee55853c0cce81b1a285c23d835aba7bc7ac96d74080c528076d201ab0fd44e7e731b629d548fc63caa160889cf1018a7523fcd03cc3bae44608196fffc65c070009ea8f49b13a5bec3da39557da70f9f0a4b4c7f050c376b6b04ab9a4f57fca926bb34cfa56e83b4c974a605c64a31b676131fdbca9ce22b51c743419