*.lapoux.com

Issued by StartCom Class 2 Primary Intermediate Server CA

About this certificate


This digital certificate with serial number 06:76:2d:c3:b4:6d:ea was issued on by StartCom Ltd. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • WARNING: Using depricated TeletexString for '[*.lapoux.com]'
  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])
  • ERROR: Certificate has key usage [KeyAgreement] set

Romain Lapoux

Organization: Romain Lapoux
State / Province: Centre
Locality: Saint Martin De Nigelles
Country: FR

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
State / Province: Centre
Locality: Saint Martin De Nigelles
Country: FR

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 06:76:2d:c3:b4:6d:ea
Serial Number (int): 1818788789251562
Serial Number lenght: 51 bits, 7 octets

SubjectKeyId: 23:e8:36:d9:1a:0c:6d:55:6b:81:ff:4f:14:84:9c:a7:dd:32:ba:eb
AuthorityKeyId: 11:db:23:45:fd:54:cc:6a:71:6f:84:8a:03:d7:be:f7:01:2f:26:86

Fingerprint (sha1): a0:64:b8:79:04:d8:50:89:bb:86:c7:07:2e:46:5d:ed:01:eb:7d:27
Fingerprint (sha256): 27:3f:56:3b:c9:eb:5f:58:20:28:75:19:52:2d:2c:00:d7:50:14:5a:aa:06:7d:c0:a2:bd:30:e7:e0:59:31:c4

Issuing Certificate URL: http://aia.startssl.com/certs/sub.class2.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class2/server/ca
CRL Distribution Point: http://crl.startssl.com/crt2-crl.crl

Check the revocation status for the current certificate on *.lapoux.com
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.lapoux.com
lapoux.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIHjjCCBnagAwIBAgIHBnYtw7Rt6jANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UE BhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBE aWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENs YXNzIDIgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMB4XDTE1MDEwODE3 NTEzNloXDTE3MDEwODIyMTUyOVowgZYxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIEwZD ZW50cmUxITAfBgNVBAcTGFNhaW50IE1hcnRpbiBEZSBOaWdlbGxlczEWMBQGA1UE ChMNUm9tYWluIExhcG91eDEVMBMGA1UEAxQMKi5sYXBvdXguY29tMSQwIgYJKoZI hvcNAQkBFhVwb3N0bWFzdGVyQGxhcG91eC5jb20wggIiMA0GCSqGSIb3DQEBAQUA A4ICDwAwggIKAoICAQC04XHp/lnVOJTQUlZYZhKGCCBJKIuhH7ZYMcTQk0Xya+4u m/tjKMsutTXmuDnUJi/YT1bQsA1RRYEbhCooYQtWRj8tQdnc6s+0ME/RV5sPIHe+ gfJ/5asqTU6F7aZ/f36FOdkFj62Xl3Jl5fBXAdEcsPqZMxfj2qwpHbnhaAA6cQo7 uS+1iCHt+TCkp4bb2Nr52fKg1b6YHOeJZ4MnlSshh9Eb4WutqYpt4aNZMmDXqSUI f3X8pubelCf+q53czUIrF+kNL0JCgQygTFKWSbjh/DtAekzCEKzRt2lQiff7y/2k yMrRZ4zhHcIIJnwmjSuaUMVG2fYY3eP87WWGLzT/cP4639CJR75ZfUAwclRBZQNO 1mWCP/Dm+BCbARa7EZs3544l5GTuvICFpw4uomu+qczmEVq+FzsBAieaoNJGxL+t IpTDQXwmfa84kqMd97aDpzT0h7PvdGOKhHx+rlqMZPim8OyqqBNVZs8cH3xcoszI 5OrJSNblE17RHxpe9xHIXpfTOpBcHeNHHWQvgz/sgCienUuPMMkDFu2nu9WrezRG MgRMMfVv47fE4EBOgE1wkMj055uPvQHxXuk8FNDDpinvdO8fIQTXHIP0CQR54jpg tUHPU4sJL0Vk6rdFWr8wyi5Svl8Yz0G9qmarF53UHroePNdKWy2EJM18Q2OS1wID AQABo4IC5zCCAuMwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0lBBYwFAYI KwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBQj6DbZGgxtVWuB/08UhJyn3TK6 6zAfBgNVHSMEGDAWgBQR2yNF/VTManFvhIoD1773AS8mhjAjBgNVHREEHDAaggwq LmxhcG91eC5jb22CCmxhcG91eC5jb20wggFWBgNVHSAEggFNMIIBSTAIBgZngQwB AgIwggE7BgsrBgEEAYG1NwECAzCCASowLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL3BvbGljeS5wZGYwgfcGCCsGAQUFBwICMIHqMCcWIFN0YXJ0 Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MAMCAQEagb5UaGlzIGNlcnRpZmlj YXRlIHdhcyBpc3N1ZWQgYWNjb3JkaW5nIHRvIHRoZSBDbGFzcyAyIFZhbGlkYXRp b24gcmVxdWlyZW1lbnRzIG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3ksIHJlbGlh bmNlIG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGluIGNvbXBsaWFuY2Ug b2YgdGhlIHJlbHlpbmcgcGFydHkgb2JsaWdhdGlvbnMuMDUGA1UdHwQuMCwwKqAo oCaGJGh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydDItY3JsLmNybDCBjgYIKwYB BQUHAQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29jc3Auc3RhcnRzc2wuY29t L3N1Yi9jbGFzczIvc2VydmVyL2NhMEIGCCsGAQUFBzAChjZodHRwOi8vYWlhLnN0 YXJ0c3NsLmNvbS9jZXJ0cy9zdWIuY2xhc3MyLnNlcnZlci5jYS5jcnQwIwYDVR0S BBwwGoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMA0GCSqGSIb3DQEBCwUAA4IB AQAwfbThYPrTmbsUuTuaONUm7umfTl2AXo0x2N/SHc7b6pJXGJwFKMThnSxeBpoo o4HUpegTnh27ZI025FkqTJtQMgtbx5b9oOTcXi59pi508SJLEWesenDWBQhK6nGt Z8fAXxRxkwjq40jbVQ/+dH/S/Q+fyQ+624jUsBZ3hviuU6yg8k7hFnVyNbUKLasL qEzErnCrCL7Mv9PMTw4r1aH0hgQumGwLlxV2UQStV/odYYqv0S4kb85knLfkFvRz TT7ENSUBOThEABsbxU+iRmb1zuAiBiXqhvX9Gc/jKd2xtphHqqbGnfwNeGLB1Wi4 of/vZZzJwQ7ITSiew1Al6mEW -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtOFx6f5Z1TiU0FJWWGYS hgggSSiLoR+2WDHE0JNF8mvuLpv7YyjLLrU15rg51CYv2E9W0LANUUWBG4QqKGEL VkY/LUHZ3OrPtDBP0VebDyB3voHyf+WrKk1Ohe2mf39+hTnZBY+tl5dyZeXwVwHR HLD6mTMX49qsKR254WgAOnEKO7kvtYgh7fkwpKeG29ja+dnyoNW+mBzniWeDJ5Ur IYfRG+FrramKbeGjWTJg16klCH91/Kbm3pQn/qud3M1CKxfpDS9CQoEMoExSlkm4 4fw7QHpMwhCs0bdpUIn3+8v9pMjK0WeM4R3CCCZ8Jo0rmlDFRtn2GN3j/O1lhi80 /3D+Ot/QiUe+WX1AMHJUQWUDTtZlgj/w5vgQmwEWuxGbN+eOJeRk7ryAhacOLqJr vqnM5hFavhc7AQInmqDSRsS/rSKUw0F8Jn2vOJKjHfe2g6c09Iez73RjioR8fq5a jGT4pvDsqqgTVWbPHB98XKLMyOTqyUjW5RNe0R8aXvcRyF6X0zqQXB3jRx1kL4M/ 7IAonp1LjzDJAxbtp7vVq3s0RjIETDH1b+O3xOBAToBNcJDI9Oebj70B8V7pPBTQ w6Yp73TvHyEE1xyD9AkEeeI6YLVBz1OLCS9FZOq3RVq/MMouUr5fGM9Bvapmqxed 1B66HjzXSlsthCTNfENjktcCAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1818788789251562 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-08 17:51:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-01-08 22:15:29 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Centre' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Saint Martin De Nigelles' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Romain Lapoux' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.lapoux.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 737928648110392951151712743465956749482593272465136748118586793479168059778620162601575775298076113366119417705286261640706873109093558514261231319307050279516769021668737946783300094730732587572280356330967848340736860132200362581712361421472289094635333949535744499067596212721763818221333388766659416760160000077578182040221159593013207832850926770431753718182094888046648158261795695632225601246601393625721995406003041454518329442482938787693060057678866003921439347960626275670372830199565102370728008616409554139782314371793560527017138073532570117581530876427603244371457510941433691093124714581696630875806731493664754595333288714392551740385424548760063622602772664738821898763705225548418777304776641732673902903821407428503321249799804504895544794780193347691008079913337118164410448938426030655289433218671111360949962053539709031114008918656972910565521078110211311073026752413440672935781913846440635753764961782196480933611399441828893553304925474412794427940438298966721460080893098836694807396798706098025338552028966395386384161768019097053934088421949838403240468287686061673977597017229860721695401873603658946092727718602775643434974323400173717762543334516689592163086883275823008878558051260712786563162149591 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 23e836d91a0c6d556b81ff4f14849ca7dd32baeb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 11db2345fd54cc6a716f848a03d7bef7012f2686 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lapoux.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lapoux.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 50 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt2-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class2/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class2.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00307db4e160fad399bb14b93b9a38d526eee99f4e5d805e8d31d8dfd21dcedbea9257189c0528c4e19d2c5e069a28a381d4a5e8139e1dbb648d36e4592a4c9b50320b5bc796fda0e4dc5e2e7da62e74f1224b1167ac7a70d605084aea71ad67c7c05f14719308eae348db550ffe747fd2fd0f9fc90fbadb88d4b0167786f8ae53aca0f24ee116757235b50a2dab0ba84cc4ae70ab08beccbfd3cc4f0e2bd5a1f486042e986c0b9715765104ad57fa1d618aafd12e246fce649cb7e416f4734d3ec4352501393844001b1bc54fa24666f5cee0220625ea86f5fd19cfe329ddb1b69847aaa6c69dfc0d7862c1d568b8a1ffef659cc9c10ec84d289ec35025ea6116