gosuslugi.feature12.dnevnik.ru

Issued by StartCom Class 1 DV Server CA

About this certificate

This digital certificate with serial number 37:71:66:f7:8d:10:61:36:17:cb:a8:0a:b9:2e:2e:23 was issued on by StartCom Ltd..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=gosuslugi.feature12.dnevnik.ru,C=RU

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: StartCom Certification Authority
Country: IL

This certificate has expire since

Certificate Details

Serial Number (hex): 37:71:66:f7:8d:10:61:36:17:cb:a8:0a:b9:2e:2e:23
Serial Number (int): 73696357731977710290719118565653229091
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: c4:56:f1:d2:f0:00:8f:31:ed:7e:a8:37:6c:ce:1b:36:5a:53:51:5c
AuthorityKeyId: d7:91:4e:01:c4:b0:bf:f8:c8:67:93:44:9c:e7:33:fa:ad:93:0c:af

Fingerprint (sha1): 36:a9:48:95:7a:55:30:13:00:c1:da:92:dc:22:27:12:ec:1e:b7:19
Fingerprint (sha256): 22:86:62:92:53:97:e9:9e:0a:5a:20:ea:46:7f:95:9a:17:2a:3e:3d:4c:8e:20:f1:c0:30:82:c4:2e:b4:db:76

Issuing Certificate URL: http://aia.startssl.com/certs/sca.server1.crt

Revocation information

OCSP Server: http://ocsp.startssl.com
CRL Distribution Point: http://crl.startssl.com/sca-server1.crl

Check the revocation status for certificate gosuslugi.feature12.dnevnik.ru

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gosuslugi.feature12.dnevnik.ru

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gosuslugi.feature12.dnevnik.ru

Other certificates including the domain name dnevnik.ru

(limited to 100 certificates)
help.dnevnik.ru
static.feature10.dnevnik.ru
networks.feature02.dnevnik.ru
api.feature10.dnevnik.ru
*.dnevnik.ru
*.feature01.dnevnik.ru
api.kolushev.dnevnik.ru
feature10.dnevnik.ru
static.feature08.dnevnik.ru
feature08.dnevnik.ru
geoservice.feature10.dnevnik.ru
ts.feature14.dnevnik.ru
ts.feature08.dnevnik.ru
*.feature13.dnevnik.ru
files.feature07.dnevnik.ru
feature02.dnevnik.ru
f1.feature02.dnevnik.ru
api.feature02.dnevnik.ru
help.dnevnik.ru
files.feature01.dnevnik.ru
static.feature01.dnevnik.ru
feature02.dnevnik.ru
feature01.dnevnik.ru
api.feature08.dnevnik.ru
staging.dnevnik.ru
wiki.feature08.dnevnik.ru
feature05.dnevnik.ru
ts.feature04.dnevnik.ru
feature08.dnevnik.ru
staging.dnevnik.ru
files.feature13.dnevnik.ru
files.feature10.dnevnik.ru
events.feature02.dnevnik.ru
*.staging.dnevnik.ru
feature01.dnevnik.ru
*.dnevnik.ru
test.dnevnik.ru
feature12.dnevnik.ru
children.feature08.dnevnik.ru
gosuslugi.feature12.dnevnik.ru
api.feature08.dnevnik.ru
dengi.dnevnik.ru
ts.feature05.dnevnik.ru
*.dnevnik.ru
api.feature02.dnevnik.ru
static.feature05.dnevnik.ru
feature14.dnevnik.ru
*.dnevnik.ru
feature12.dnevnik.ru
feature04.dnevnik.ru
authorities.feature02.dnevnik.ru
api.feature10.dnevnik.ru
login.feature02.dnevnik.ru
feature08.dnevnik.ru
ts.feature13.dnevnik.ru
authorities.feature09.dnevnik.ru
children.feature02.dnevnik.ru
feature04.dnevnik.ru
*.dnevnik.ru
feature08.dnevnik.ru
feature08.dnevnik.ru
*.feature12.dnevnik.ru
api.feature10.dnevnik.ru
files.feature11.dnevnik.ru
help.dnevnik.ru
company.feature08.dnevnik.ru
files.feature03.dnevnik.ru
ae1.feature09.dnevnik.ru
files.feature04.dnevnik.ru
feature08.dnevnik.ru
*.feature10.dnevnik.ru
ts.feature11.dnevnik.ru
help.dnevnik.ru
schools.feature02.dnevnik.ru
api.tsykanov.dnevnik.ru
help.dnevnik.ru
ts.feature07.dnevnik.ru
feature07.dnevnik.ru
ts.feature08.dnevnik.ru
api.feature06.dnevnik.ru
files.feature12.dnevnik.ru
ts.feature10.dnevnik.ru
lib.feature02.dnevnik.ru
feature02.dnevnik.ru
static.feature04.dnevnik.ru
help.dnevnik.ru
groups.feature02.dnevnik.ru
feature14.dnevnik.ru
vpn2.dnevnik.ru
*.staging.dnevnik.ru
login.feature02.dnevnik.ru
static.feature12.dnevnik.ru
wiki.feature02.dnevnik.ru
feature06.dnevnik.ru
*.dnevnik.ru
api.feature02.dnevnik.ru
*.feature04.dnevnik.ru
authorities.feature08.dnevnik.ru
help.dnevnik.ru
api.feature02.dnevnik.ru

Certificate

The complete raw certificate details for gosuslugi.feature12.dnevnik.ru in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIQN3Fm940QYTYXy6gKuS4uIzANBgkqhkiG9w0BAQsFADB4
MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg
U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0
Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE2MDkyMTEzMDcyMloXDTE5MDky
MTEzMDcyMlowNjELMAkGA1UEBhMCUlUxJzAlBgNVBAMMHmdvc3VzbHVnaS5mZWF0
dXJlMTIuZG5ldm5pay5ydTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN9aB9V0E73WcaU0yShcm155oejW4UG8B2oGdd6+EjG89C13+ftkcl0OR8UQYPl+
7aDmiCGQyBAgxHtBszzw8WD0Qvd10FeH9b21vZ3UbioB5X/RRddCND0w2u02LZAc
4vt19Ni8xtd/9rmZYth6WrbHkByC3sNFhb4/XQInFLgkjc4HalFVJsbjklP4djBk
5OxxkDY8yWoHx8eGwLTMnLHOurL/MRIufDWsp8qgcgEmra1Gd+cEekN9hvlhlDLZ
10kEh24psBFjegw2AyH8rQTDvkzeZqz36O5QGXngCDyBUqaJujkkFFKX51YHbvNQ
xnDESkqs5HYTdKCMyfq38wMCAwEAAaOCAeEwggHdMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4E
FgQUxFbx0vAAjzHtfqg3bM4bNlpTUVwwHwYDVR0jBBgwFoAU15FOAcSwv/jIZ5NE
nOcz+q2TDK8wbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
cC5zdGFydHNzbC5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9haWEuc3RhcnRzc2wu
Y29tL2NlcnRzL3NjYS5zZXJ2ZXIxLmNydDA4BgNVHR8EMTAvMC2gK6AphidodHRw
Oi8vY3JsLnN0YXJ0c3NsLmNvbS9zY2Etc2VydmVyMS5jcmwwKQYDVR0RBCIwIIIe
Z29zdXNsdWdpLmZlYXR1cmUxMi5kbmV2bmlrLnJ1MCMGA1UdEgQcMBqGGGh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tLzBRBgNVHSAESjBIMAgGBmeBDAECATA8BgsrBgEE
AYG1NwECBTAtMCsGCCsGAQUFBwIBFh9odHRwczovL3d3dy5zdGFydHNzbC5jb20v
cG9saWN5MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAb
iTtFV8G8EEkFGUnncOsEAZlCAjxPlpSUfjd2FrgRvpkSWLp9Y94Mkn2fhbjlyCoG
q2Rh4gByebRhWgvf4HZZJLYc9V+zB1HaWs3aEKqoP8ndtPkejrF5gSR8sxNafwpy
EsdiWWLYfY5VTB/ip9OXebyAq+iA8yI8aR0101Py6Js7BIyo3x3j2nfIjz2j0DJl
s9CV+jXxy0CL95U7xiazuTcx5G68mD5GaIH8AsS6l3uILNGILEdETkwTKX7pPbUc
ariwcF1nQTqCQ8hsGX1BKZknv3X2qdSAQpvMSnHqN+UB400RQ2HybkJmrxlmEdlB
Bf0A713D9Fn34tRmpGs+
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31oH1XQTvdZxpTTJKFyb
Xnmh6NbhQbwHagZ13r4SMbz0LXf5+2RyXQ5HxRBg+X7toOaIIZDIECDEe0GzPPDx
YPRC93XQV4f1vbW9ndRuKgHlf9FF10I0PTDa7TYtkBzi+3X02LzG13/2uZli2Hpa
tseQHILew0WFvj9dAicUuCSNzgdqUVUmxuOSU/h2MGTk7HGQNjzJagfHx4bAtMyc
sc66sv8xEi58NaynyqByASatrUZ35wR6Q32G+WGUMtnXSQSHbimwEWN6DDYDIfyt
BMO+TN5mrPfo7lAZeeAIPIFSpom6OSQUUpfnVgdu81DGcMRKSqzkdhN0oIzJ+rfz
AwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 73696357731977710290719118565653229091
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 DV Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-21 13:07:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-21 13:07:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RU'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'gosuslugi.feature12.dnevnik.ru'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28195537751333053972734066030778133651015216604900431496408621914402035236580981452009096181487351742357572368144486013768565883222907188887851178910218952236509261237328815468540272047090936232346610956278004153331012748478141156469334701992944642126091634017641255468416721522008100698062270737747476493649408446149528922883225499337386713303498324862805380229673831749245238849583027876824575489443544533278043420316435273277775403232416968336165845679249643481429244079721020643280120844383450555910385449906498524446293950422903311747725590569534129118705860748566562691001996601809398390528974123008918782735107
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c456f1d2f0008f31ed7ea8376cce1b365a53515c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d7914e01c4b0bff8c86793449ce733faad930caf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gosuslugi.feature12.dnevnik.ru'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.startssl.com/policy'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		001b893b4557c1bc1049051949e770eb04019942023c4f9694947e377616b811be991258ba7d63de0c927d9f85b8e5c82a06ab6461e2007279b4615a0bdfe0765924b61cf55fb30751da5acdda10aaa83fc9ddb4f91e8eb17981247cb3135a7f0a7212c7625962d87d8e554c1fe2a7d39779bc80abe880f3223c691d35d353f2e89b3b048ca8df1de3da77c88f3da3d03265b3d095fa35f1cb408bf7953bc626b3b93731e46ebc983e466881fc02c4ba977b882cd1882c47444e4c13297ee93db51c6ab8b0705d67413a8243c86c197d41299927bf75f6a9d480429bcc4a71ea37e501e34d114361f26e4266af196611d94105fd00ef5dc3f459f7e2d466a46b3e