config.rockt.es
Issued by StartCom Class 1 Primary Intermediate Server CA
About this certificate
This digital certificate with serial number 09:85:ae was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [KeyEncipherment KeyAgreement DigitalSignature] (00010101) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=config.rockt.es,C=DE,1.2.840.113549.1.9.1=#0c127765626d617374657240726f636b742e6573
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Organization unit: Secure Digital Certificate Signing
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 09:85:aeSerial Number (int): 624046
Serial Number lenght: 20 bits, 3 octets
SubjectKeyId: b8:1e:20:45:26:e5:dc:9a:b2:9f:61:12:67:fd:28:82:df:d3:ec:82
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45
Fingerprint (sha1): 20:64:01:8e:e3:d1:60:4d:91:3b:9d:03:43:f7:48:1a:40:3a:38:85
Fingerprint (sha256): 1f:41:69:3b:89:b0:dd:f6:15:6a:04:21:64:bf:31:d8:5f:cb:ec:bb:ee:d0:e7:50:1f:dc:66:89:75:04:b9:54
Issuing Certificate URL: http://aia.startssl.com/certs/sub.class1.server.ca.crt
Revocation information
OCSP Server: http://ocsp.startssl.com/sub/class1/server/caCRL Distribution Point: http://crl.startssl.com/crt1-crl.crl
Check the revocation status for certificate config.rockt.es
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for config.rockt.es
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
config.rockt.es
rockt.es
rockt.es
Other certificates including the domain name rockt.es
(limited to 100 certificates)
bandraum.rockt.es
webstore.einsatzdisplay.de
unobama.lima-city.de
config.rockt.es
www.webprogram.lima-city.de
www.schraberg-golden.de.cool
www.schnittlauchgang.rockt.es
www.iniquitius.lima-city.de
mail.rockt.es
mail.rockt.es
www.iniquitius.lima-city.de
bandraum.rockt.es
www.schnittlauchgang.rockt.es
bandraum.rockt.es
bandraum.rockt.es
*.metz-bagetz.de
bandraum.rockt.es
www.schnittlauchgang.rockt.es
www.schnittlauchgang.rockt.es
www.schnittlauchgang.rockt.es
www.xn--berclub-m2a.de
www.englert-ip.de
*.mylychees.de
bandraum.rockt.es
*.rdoffice.de
webshop.eishorn.de
webmelaa.lima-city.de
todr6546.lima-city.de
www.schnittlauchgang.rockt.es
webstore.einsatzdisplay.de
unobama.lima-city.de
config.rockt.es
www.webprogram.lima-city.de
www.schraberg-golden.de.cool
www.schnittlauchgang.rockt.es
www.iniquitius.lima-city.de
mail.rockt.es
mail.rockt.es
www.iniquitius.lima-city.de
bandraum.rockt.es
www.schnittlauchgang.rockt.es
bandraum.rockt.es
bandraum.rockt.es
*.metz-bagetz.de
bandraum.rockt.es
www.schnittlauchgang.rockt.es
www.schnittlauchgang.rockt.es
www.schnittlauchgang.rockt.es
www.xn--berclub-m2a.de
www.englert-ip.de
*.mylychees.de
bandraum.rockt.es
*.rdoffice.de
webshop.eishorn.de
webmelaa.lima-city.de
todr6546.lima-city.de
www.schnittlauchgang.rockt.es
Certificate
The complete raw certificate details for config.rockt.es in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHNDCCBhygAwIBAgIDCYWuMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTMwMzEzMDk0MzE2 WhcNMTQwMzE0MTYzMTQ4WjBKMQswCQYDVQQGEwJERTEYMBYGA1UEAxMPY29uZmln LnJvY2t0LmVzMSEwHwYJKoZIhvcNAQkBFhJ3ZWJtYXN0ZXJAcm9ja3QuZXMwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDSJNmuT5K+YzCkaE1TMixpVtGl NsQ9VlHYPqhnK2Rdu3zzzNI3k/NrnhTWp3ld4hT6CXNd1IsdmDuhu0ZaU7j1bAs/ LIHFgtHDUAVtfEQvjOchitDbcHJwipxEEZSRAG/BN43qQAei+n91UysSMkQTpozR j462yKpeftpnjNbA0yiYy1aVOmfFAI7dhGRQsVCKnnLpVteJ9veKxzs3XYX6EhEX zdgLVQWyYHhii4OJqHALPjZcMBrNL7KMY9S/iNqA+sbAnL1jkcPMvRu6Xq7DtJH/ sHiIMxJ8RjGXkAjPaQje9kE9Eot6A7zchhNlOm4qyvlddKlE9jK7BRuE6MmMfzn2 DqfrbnwKRGBW3Vc0+IG2vOLlev8Vy3hqhT7b2dMWrBOoZASOG5sZLlrdj/uaJl6C 9QEXFRZbw6POzjc4CrQt+izzwXoyOuMDvRIbkwRz3SvGfASkUFQhnWclmPQ9QD+z hF3TcR7indo6H1/JMsHmxE4I/nEVilSBw4mSjFjg8vJjUSoafBU5M+45v1W4oibS c03vaPLN9drGhNiZ5bUzcRKqZuZyyjQF1c6obvxeysSIcmuMjiu4OOEte6hM7oey 9lWeVKSMLdRHxLojjz+3HNpI94RmvxL1NIyXUpy3Pbop9EfJkZ489YiY816/GOvi RX9YBO1z3WwYD+Zb/wIDAQABo4IC3jCCAtowCQYDVR0TBAIwADALBgNVHQ8EBAMC A6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFLgeIEUm5dyasp9hEmf9 KILf0+yCMB8GA1UdIwQYMBaAFOtCNNCYsKuf9BtrCPfMZC7vDixFMCQGA1UdEQQd MBuCD2NvbmZpZy5yb2NrdC5lc4IIcm9ja3QuZXMwggFWBgNVHSAEggFNMIIBSTAI BgZngQwBAgEwggE7BgsrBgEEAYG1NwECAzCCASowLgYIKwYBBQUHAgEWImh0dHA6 Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwgfcGCCsGAQUFBwICMIHqMCcW IFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MAMCAQEagb5UaGlzIGNl cnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNjb3JkaW5nIHRvIHRoZSBDbGFzcyAxIFZh bGlkYXRpb24gcmVxdWlyZW1lbnRzIG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3ks IHJlbGlhbmNlIG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGluIGNvbXBs aWFuY2Ugb2YgdGhlIHJlbHlpbmcgcGFydHkgb2JsaWdhdGlvbnMuMDUGA1UdHwQu MCwwKqAooCaGJGh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydDEtY3JsLmNybDCB jgYIKwYBBQUHAQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29jc3Auc3RhcnRz c2wuY29tL3N1Yi9jbGFzczEvc2VydmVyL2NhMEIGCCsGAQUFBzAChjZodHRwOi8v YWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9zdWIuY2xhc3MxLnNlcnZlci5jYS5jcnQw IwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMA0GCSqGSIb3DQEB CwUAA4IBAQB34sYHuTTy80otfP0G5rF5ERBrzP5sfG4e8gk3tPezbZUgV2woe41m jkM97DG8LvfIpT79iBd1pcZN3QD4KnBRNIllD0oQ/IdKz4g4Mh9UJNZvM7sLLioD S2CuyEqgZO/M7fWfXBpauAJq7xDgrxGmOqn0SnEyP3hMnmdpht6tjTw7gs3Ct9bm TlFOEO6u6xPB8LAbeRk4Wx5j+Ez12egIeGSKx8/x51pDIs3xW02sf27rpsLFVBIh M+RYmztBSNkfvqNZC6PzUr2xixBadFk23ICWxYYpDvQOvFOcNzVkI4ePXPjbvj38 V7tzbTEf8pFdasXRnYqNoHkVuggemYXb -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0iTZrk+SvmMwpGhNUzIs aVbRpTbEPVZR2D6oZytkXbt888zSN5Pza54U1qd5XeIU+glzXdSLHZg7obtGWlO4 9WwLPyyBxYLRw1AFbXxEL4znIYrQ23BycIqcRBGUkQBvwTeN6kAHovp/dVMrEjJE E6aM0Y+OtsiqXn7aZ4zWwNMomMtWlTpnxQCO3YRkULFQip5y6VbXifb3isc7N12F +hIRF83YC1UFsmB4YouDiahwCz42XDAazS+yjGPUv4jagPrGwJy9Y5HDzL0bul6u w7SR/7B4iDMSfEYxl5AIz2kI3vZBPRKLegO83IYTZTpuKsr5XXSpRPYyuwUbhOjJ jH859g6n6258CkRgVt1XNPiBtrzi5Xr/Fct4aoU+29nTFqwTqGQEjhubGS5a3Y/7 miZegvUBFxUWW8Ojzs43OAq0Lfos88F6MjrjA70SG5MEc90rxnwEpFBUIZ1nJZj0 PUA/s4Rd03Ee4p3aOh9fyTLB5sROCP5xFYpUgcOJkoxY4PLyY1EqGnwVOTPuOb9V uKIm0nNN72jyzfXaxoTYmeW1M3ESqmbmcso0BdXOqG78XsrEiHJrjI4ruDjhLXuo TO6HsvZVnlSkjC3UR8S6I48/txzaSPeEZr8S9TSMl1Kctz26KfRHyZGePPWImPNe vxjr4kV/WATtc91sGA/mW/8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 624046 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-03-13 09:43:16 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-03-14 16:31:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'config.rockt.es' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 857312504960651504125916350999993709000450675732444617458586954326408258466757091720813062685150149732409416365493968767449930450492020609442338360107696154129160547110620924377584844474979985835675891531460789391595628973594399645603496440962095437176079322126057664026057862406776864218319306912654172834096069510858963263076789886292788921528262350657178172216423565079234963886985216577153185233358786136547151759641639342840166332968733667392195329195929368990049246237734932053119428865125589818170287395261731660608610266867399076200230881557400941007404096536514762245331837641653445038135310875080109805807903548834208994799747742599440640207830794969916203255176574546891305221634215187185931747761040385943906750687438001294494623040762209155393963293193020578279066762398884151659591433567677664763174063390775096658470712236323299409448893155361749363543348857969541489599728285037373193802272914621016334095567357953351830169482447622202639622411747069528421162997979279296159649189315271398000217815041387870990527794682205363468750647181104569470323640579096321499814098688967380418852451311899045076292692411203424407998075908889756027520940780073088917187642363661629131662735797636911878830122238918643824370015231 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b81e204526e5dc9ab29f611267fd2882dfd3ec82 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName eb4234d098b0ab9ff41b6b08f7cc642eef0e2c45 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'config.rockt.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rockt.es' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 49 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt1-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class1/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class1.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0077e2c607b934f2f34a2d7cfd06e6b17911106bccfe6c7c6e1ef20937b4f7b36d9520576c287b8d668e433dec31bc2ef7c8a53efd881775a5c64ddd00f82a70513489650f4a10fc874acf8838321f5424d66f33bb0b2e2a034b60aec84aa064efccedf59f5c1a5ab8026aef10e0af11a63aa9f44a71323f784c9e676986dead8d3c3b82cdc2b7d6e64e514e10eeaeeb13c1f0b01b7919385b1e63f84cf5d9e80878648ac7cff1e75a4322cdf15b4dac7f6eeba6c2c554122133e4589b3b4148d91fbea3590ba3f352bdb18b105a745936dc8096c586290ef40ebc539c37356423878f5cf8dbbe3dfc57bb736d311ff2915d6ac5d19d8a8da07915ba081e9985db