kyle.wk.cz
- Josef Janosec -
Issued by StartCom Class 1 Primary Intermediate Server CA
About this certificate
This digital certificate with serial number 03:ac:40 was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DigitalSignature KeyEncipherment KeyAgreement] (00010101) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Josef Janosec
Organization:
Josef Janosec
Country:
CZ
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Organization unit: Secure Digital Certificate Signing
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ac:40Serial Number (int): 240704
Serial Number lenght: 18 bits, 3 octets
SubjectKeyId: 48:04:6d:90:8d:f2:ff:54:54:03:20:5f:88:86:58:fd:fb:0c:6c:e6
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45
Fingerprint (sha1): 42:b2:af:a0:1d:b3:d9:12:e4:69:0a:81:1d:03:66:e7:26:89:35:f5
Fingerprint (sha256): 1f:18:d3:a3:01:0e:ec:9e:14:b0:d3:d7:4c:48:b5:85:d6:46:21:5e:77:45:3c:08:aa:0f:c3:84:a9:b9:bd:df
Issuing Certificate URL: http://aia.startssl.com/certs/sub.class1.server.ca.crt
Revocation information
OCSP Server: http://ocsp.startssl.com/sub/class1/server/caCRL Distribution Point: http://crl.startssl.com/crt1-crl.crl
Check the revocation status for certificate kyle.wk.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kyle.wk.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kyle.wk.cz
wk.cz
wk.cz
Other certificates including the domain name wk.cz
(limited to 100 certificates)
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
rig.wk.cz
mail3.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
kyle.wk.cz
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
kyle.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
mail2.wk.cz
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
mail.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
www.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
ike.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
oc.wk.cz
sni67230.cloudflaressl.com
cloud.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
mail.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
rig.wk.cz
mail3.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
kyle.wk.cz
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
kyle.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
mail2.wk.cz
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
mail.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
www.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
hankey.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
i1.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
ike.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
oc.wk.cz
sni67230.cloudflaressl.com
cloud.wk.cz
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
sni67230.cloudflaressl.com
mail.wk.cz
Certificate
The complete raw certificate details for kyle.wk.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIITDCCBzSgAwIBAgIDA6xAMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTEwNjExMTEwNDQz WhcNMTIwNjExMTY1MzE2WjCBhDEgMB4GA1UEDRMXNDQ1NzIyLVd5bWpnN2lzMTNq MG9SNDkxCzAJBgNVBAYTAkNaMRYwFAYDVQQKEw1Kb3NlZiBKYW5vc2VjMRMwEQYD VQQDEwpreWxlLndrLmN6MSYwJAYJKoZIhvcNAQkBFhdqb3NlZi5qYW5vc2VjQGdt YWlsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANWi/OAXrNXh dihlYxH/lEGGvTmFEYmdyB4utTcSOK8Ig/1dI7bC0wvlcWfLI76NhzMbmXrT44hn 3n4zCaZn1VvkiaLsVqzJ2AUkw/B+hWLiTK3BhbX5ZkbBrTFc6dT6HuWfVwCvuS1X Mnt3YH1pZ7rQq98r2iBcRqBdzdFAVJvYPlsmMZRnl7irIHPYMr2H9TjDJ608SBIl uxY+9xCja6nXLduSapTRRYzdCKmxjlM6vbBoK8b+qx+/V9bV2t8NURcblOSblwXg CwwDC4Eg1MsniF5L5PKS8HUnuxUK855Op7824pW/qAtZ6BCj8jocOpXqm8dtabnM yah77KPEQdd4NnUvV2a9+AKu1tGEAlS4piuiXci+g+Mpb1tn2x6T/C+CyCtXCUKD t1uwWUcGNXLeF63iosYAbOLoDxlKo7R5AmJk/i9Q3J/LocB1KQvlGcK9CMs92dl6 3emmY0oO4zaMdMdtYk2PH6OPiRgofCRL0wxMxuNqvyLctapSY91siYkUR7kowwQg gqMVbwPAoxTouHnzP3/Dxe5g1rx2yocK6AjbzmRdUJpovbTFsMrYNmhxXEMrpt26 VhuIXJ3Oyg691h7+lFZWadHxH4BXcv9j20Tu726jKQ3XFDsj+P2+gvD4XnIj8d9O fqiXiyl8kJIuCAqpf4ughScW3myvIebzAgMBAAGjggO7MIIDtzAJBgNVHRMEAjAA MAsGA1UdDwQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUSARt kI3y/1RUAyBfiIZY/fsMbOYwHwYDVR0jBBgwFoAU60I00Jiwq5/0G2sI98xkLu8O LEUwHAYDVR0RBBUwE4IKa3lsZS53ay5jeoIFd2suY3owggI7BgNVHSAEggIyMIIC LjCCAioGCysGAQQBgbU3AQICMIICGTAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5z dGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5z dGFydHNzbC5jb20vaW50ZXJtZWRpYXRlLnBkZjCCARAGCCsGAQUFBwICMIIBAjAn FiBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTADAgEBGoHWVGhpcyBj ZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29yZGluZyB0byB0aGUgU3RhcnRTU0wg V2ViLW9mLVRydXN0IENvbW11bml0eSBWYWxpZGF0aW9uIHJlcXVpcmVtZW50cyBv ZiB0aGUgU3RhcnRDb20gQ0EgcG9saWN5LCByZWxpYW5jZSBvbmx5IGZvciB0aGUg aW50ZW5kZWQgcHVycG9zZSBpbiBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5nIHBh cnR5IG9ibGlnYXRpb25zLjCBnAYIKwYBBQUHAgIwgY8wJxYgU3RhcnRDb20gQ2Vy dGlmaWNhdGlvbiBBdXRob3JpdHkwAwIBAhpkTGlhYmlsaXR5IGFuZCB3YXJyYW50 aWVzIGFyZSBsaW1pdGVkISBTZWUgc2VjdGlvbiAiTGVnYWwgYW5kIExpbWl0YXRp b25zIiBvZiB0aGUgU3RhcnRDb20gQ0EgcG9saWN5LjA1BgNVHR8ELjAsMCqgKKAm hiRodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnQxLWNybC5jcmwwgY4GCCsGAQUF BwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9z dWIvY2xhc3MxL3NlcnZlci9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFy dHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMS5zZXJ2ZXIuY2EuY3J0MCMGA1UdEgQc MBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEA TunFKfHmmkmyznGbrpSQCubMY9Jaibqja9oNImebvP5NmyPnwjL/Xw6xXx3yon69 p/kLTsGjfe5NLeIOgfBu7Cmq3VuWpF8WK4xeBT4+tTofuYgkHjp2R3buKq5VtOXi X3AENNFssZhWdI2pkm2PdFJjZUCRvCfdqqSp5HnYFnjMqUCVBxKXFguP0QJ/rehG LHsEkoKSyYlGTtMxDzPaNQvfUUaG8U4+1+2RZYdVBFYE5Bu1oE4ao6MTdGg43drT MxR+Lwy+1h7OBUSfi7b2erCPhrd05VAVzbL8Rdi7UclNhWR0oAm5eH7G6Zz3rrv0 JPDCE3fPkXYyYxYh1+tpMA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1aL84Bes1eF2KGVjEf+U QYa9OYURiZ3IHi61NxI4rwiD/V0jtsLTC+VxZ8sjvo2HMxuZetPjiGfefjMJpmfV W+SJouxWrMnYBSTD8H6FYuJMrcGFtflmRsGtMVzp1Poe5Z9XAK+5LVcye3dgfWln utCr3yvaIFxGoF3N0UBUm9g+WyYxlGeXuKsgc9gyvYf1OMMnrTxIEiW7Fj73EKNr qdct25JqlNFFjN0IqbGOUzq9sGgrxv6rH79X1tXa3w1RFxuU5JuXBeALDAMLgSDU yyeIXkvk8pLwdSe7FQrznk6nvzbilb+oC1noEKPyOhw6leqbx21puczJqHvso8RB 13g2dS9XZr34Aq7W0YQCVLimK6JdyL6D4ylvW2fbHpP8L4LIK1cJQoO3W7BZRwY1 ct4XreKixgBs4ugPGUqjtHkCYmT+L1Dcn8uhwHUpC+UZwr0Iyz3Z2Xrd6aZjSg7j Nox0x21iTY8fo4+JGCh8JEvTDEzG42q/Ity1qlJj3WyJiRRHuSjDBCCCoxVvA8Cj FOi4efM/f8PF7mDWvHbKhwroCNvOZF1Qmmi9tMWwytg2aHFcQyum3bpWG4hcnc7K Dr3WHv6UVlZp0fEfgFdy/2PbRO7vbqMpDdcUOyP4/b6C8PheciPx305+qJeLKXyQ ki4ICql/i6CFJxbebK8h5vMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 240704 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-06-11 11:04:43 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-06-11 16:53:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '445722-Wymjg7is13j0oR49' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Josef Janosec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kyle.wk.cz' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 871561577849621562128659407736496268846543962099175249714252023956609363553460529984628966771372165970808714217144154091201620260984666792983273075248529174359603577036973162780743996979804722981754717741780263564471059556357927211668970229944344309847240316756563941405472171183694286598911548925445218658755726912307775725182772478610610510130667566749008575630396284045085754150693838667704677766547538813115656652898859808061429705895857547385661427415058198923566981012678151406201141650506836158715133894791623192325529161731516586745476395459256196112286092625401322435064962485923033253435886278932171947035668093601375332254946739636120166944178393617146650115979231462548059796028050214928485438063107619082421475164266342429352386436379084159891184447160847628416114945229841368776059543361696434993137343461946918706157375680327528011687064011782185324771534862893102195490642381950444347633540806880222366055104595220371291415034169673963035892340084615564542684962125076733581553055084055027887305967841193989666307582406320874860687816338610524828027811450901505601130944249315868618170415911665914394786296630943128967382702215057745971779666446732896743568346085930865213782950516639006192735282139637732441420064499 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 48046d908df2ff545403205f888658fdfb0c6ce6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName eb4234d098b0ab9ff41b6b08f7cc642eef0e2c45 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kyle.wk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wk.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (562 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/intermediate.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 83 116 97 114 116 83 83 76 32 87 101 98 45 111 102 45 84 114 117 115 116 32 67 111 109 109 117 110 105 116 121 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [76 105 97 98 105 108 105 116 121 32 97 110 100 32 119 97 114 114 97 110 116 105 101 115 32 97 114 101 32 108 105 109 105 116 101 100 33 32 83 101 101 32 115 101 99 116 105 111 110 32 34 76 101 103 97 108 32 97 110 100 32 76 105 109 105 116 97 116 105 111 110 115 34 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt1-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class1/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class1.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004ee9c529f1e69a49b2ce719bae94900ae6cc63d25a89baa36bda0d22679bbcfe4d9b23e7c232ff5f0eb15f1df2a27ebda7f90b4ec1a37dee4d2de20e81f06eec29aadd5b96a45f162b8c5e053e3eb53a1fb988241e3a764776ee2aae55b4e5e25f700434d16cb19856748da9926d8f745263654091bc27ddaaa4a9e479d81678cca94095071297160b8fd1027fade8462c7b04928292c989464ed3310f33da350bdf514686f14e3ed7ed91658755045604e41bb5a04e1aa3a313746838dddad333147e2f0cbed61ece05449f8bb6f67ab08f86b774e55015cdb2fc45d8bb51c94d856474a009b9787ec6e99cf7aebbf424f0c21377cf917632631621d7eb6930