krita.org
- K Desktop Environment e.V. -
Issued by StartCom Class 3 OV Server CA
About this certificate
This digital certificate with serial number 46:2b:a6:84:fe:af:0f:91:7c:47:28:d3:04:9b:ea:39 was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
K Desktop Environment e.V.
Organization:
K Desktop Environment e.V.
State / Province:
Berlin
Locality: Berlin
Country: DE
Locality: Berlin
Country: DE
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 46:2b:a6:84:fe:af:0f:91:7c:47:28:d3:04:9b:ea:39Serial Number (int): 93272605886793594783760755718356724281
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: a2:46:09:ca:41:3a:bd:8d:9c:51:8c:71:02:9f:80:de:2c:9e:2b:c2
AuthorityKeyId: b1:3f:1c:92:7b:92:b0:5a:25:b3:38:fb:9c:07:a4:26:50:32:e3:51
Fingerprint (sha1): 61:62:31:9b:2c:52:5c:dc:71:03:df:cd:fd:ac:01:6e:3a:9c:a9:ca
Fingerprint (sha256): 27:e2:66:67:84:b8:5d:6c:8b:28:32:fd:79:3c:a8:93:55:f8:55:e6:e5:28:3d:23:2e:18:bf:0f:73:a4:1c:25
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server3.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server3.crl
Check the revocation status for certificate krita.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for krita.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
krita.org
*.krita.org
*.krita.org
Other certificates including the domain name krita.org
(limited to 100 certificates)
share.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
sni.cloudflaressl.com
krita.org
incapsula.com
docs.krita.org
share.krita.org
*.krita.org
krita.org
krita.org
docs.krita.org
share.krita.org
share.krita.org
share.krita.org
krita.org
share.krita.org
share.krita.org
krita.org
krita.org
sni.cloudflaressl.com
share.krita.org
share.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
incapsula.com
krita.org
krita.org
docs.krita.org
docs.krita.org
share.krita.org
docs.krita.org
*.krita.org
docs.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
docs.krita.org
share.krita.org
docs.krita.org
incapsula.com
*.krita.org
krita.org
krita.org
*.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
docs.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
krita.org
krita.org
krita.org
share.krita.org
krita.org
docs.krita.org
sni.cloudflaressl.com
krita.org
krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
share.krita.org
sni.cloudflaressl.com
krita.org
incapsula.com
docs.krita.org
share.krita.org
*.krita.org
krita.org
krita.org
docs.krita.org
share.krita.org
share.krita.org
share.krita.org
krita.org
share.krita.org
share.krita.org
krita.org
krita.org
sni.cloudflaressl.com
share.krita.org
share.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
incapsula.com
krita.org
krita.org
docs.krita.org
docs.krita.org
share.krita.org
docs.krita.org
*.krita.org
docs.krita.org
share.krita.org
krita.org
incapsula.com
share.krita.org
docs.krita.org
share.krita.org
docs.krita.org
incapsula.com
*.krita.org
krita.org
krita.org
*.krita.org
docs.krita.org
krita.org
krita.org
share.krita.org
krita.org
krita.org
docs.krita.org
krita.org
incapsula.com
share.krita.org
krita.org
krita.org
krita.org
krita.org
share.krita.org
krita.org
docs.krita.org
sni.cloudflaressl.com
krita.org
krita.org
Certificate
The complete raw certificate details for krita.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGOTCCBSGgAwIBAgIQRiumhP6vD5F8RyjTBJvqOTANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDMgT1YgU2VydmVyIENBMB4XDTE2MDYxNTEwMTI0OFoXDTE5MDYx NTEwMTI0OFowaDELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UE BwwGQmVybGluMSMwIQYDVQQKDBpLIERlc2t0b3AgRW52aXJvbm1lbnQgZS5WLjES MBAGA1UEAwwJa3JpdGEub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyTUYpUHsi6QWkrBeEiHkAeEgDXfB/OW0QOqdCVJp5vWG/g6kgCtMy4fOPXD8 1Ds/pJTl2xrm0rpkT/2BoNav8NVNd/ZelPDn2e9CA0nZQ+tWU6Ui4QIK//lGWCGK P9RrXl63ChXFZkaeJ7NtpbVLT3Ld2grc1wqQ9PYJtjSKzX8kLRik8gjV3f+OimFD ZegZI7ydIx1MPswJ8Ak16A5qNwJdkzzi7QnB7mUoddzXLUA6TiRew/OwjjB/z27U 2shRv/z0hw5e39ezpmyGJM/F0ecpdiiJEC900Y4FA7hwKCLl+4W/ZfRerwvrXn3+ UV4mfV5cN9WquYGi1KeFXpo9gQIDAQABo4ICzTCCAskwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAJBgNVHRMEAjAAMB0GA1Ud DgQWBBSiRgnKQTq9jZxRjHECn4DeLJ4rwjAfBgNVHSMEGDAWgBSxPxySe5KwWiWz OPucB6QmUDLjUTBvBggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v Y3NwLnN0YXJ0c3NsLmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2FpYS5zdGFydHNz bC5jb20vY2VydHMvc2NhLnNlcnZlcjMuY3J0MDgGA1UdHwQxMC8wLaAroCmGJ2h0 dHA6Ly9jcmwuc3RhcnRzc2wuY29tL3NjYS1zZXJ2ZXIzLmNybDAhBgNVHREEGjAY gglrcml0YS5vcmeCCyoua3JpdGEub3JnMCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cu c3RhcnRzc2wuY29tLzBRBgNVHSAESjBIMAgGBmeBDAECAjA8BgsrBgEEAYG1NwEC BTAtMCsGCCsGAQUFBwIBFh9odHRwczovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5 MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAaPaY+B9kgr46jO65KB1M/HFRXWeT 1ETRCmesu09P+8QAAAFVU6jALwAABAMASDBGAiEAj5lUGtWWILeNK+SiHfU3BRxv +MPzuw123NUYHNVoen0CIQDyy+ugSWbcIW0s2G3x5IMu568VNEU8ORBjKYm6zzzJ qwB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABVVOowEUAAAQD AEcwRQIhAN/UwsK9hysh0aA5lk3ATLvOahSbMsC8h1x47fxAsRpeAiBc6eRsk/xj Q7g6AkoIwcq4S6fMWZD62PJDQrmChDuS4zANBgkqhkiG9w0BAQsFAAOCAQEALRdx LP49LK4inlLuwHVoxhE9GCvki5Y13an4tQzaPyxGk/S/pIkTy2YeKTKmXKOypX+o Lr45i+HB5dDvBAczUFIURsCing7SnDCizFTGaqN3vMbIYqZukhWdVhM4tjyC83J5 FXp9kkz+PcklDn8Ojdf2RK4yYVxreI3HBoAnUreCK9ymMChPBURuM9sZd2JY4dFx 2ToAbnQpT36AOHsmfT8eNwalYglRhQJ594NCKgQXKxOQkjzjqbko1N1QsZpoECHP aIubaEkd5EhHq8EqIuy6bymhxxUjFCKg5I4jZJM2VPXLARotCuaeOUOZn3W51oLZ SOX8Re2QHn3gQuJmYg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTUYpUHsi6QWkrBeEiHk AeEgDXfB/OW0QOqdCVJp5vWG/g6kgCtMy4fOPXD81Ds/pJTl2xrm0rpkT/2BoNav 8NVNd/ZelPDn2e9CA0nZQ+tWU6Ui4QIK//lGWCGKP9RrXl63ChXFZkaeJ7NtpbVL T3Ld2grc1wqQ9PYJtjSKzX8kLRik8gjV3f+OimFDZegZI7ydIx1MPswJ8Ak16A5q NwJdkzzi7QnB7mUoddzXLUA6TiRew/OwjjB/z27U2shRv/z0hw5e39ezpmyGJM/F 0ecpdiiJEC900Y4FA7hwKCLl+4W/ZfRerwvrXn3+UV4mfV5cN9WquYGi1KeFXpo9 gQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 93272605886793594783760755718356724281 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 3 OV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-15 10:12:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-15 10:12:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Berlin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'K Desktop Environment e.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'krita.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25400082045562683970691780321699034279738811790239018490198748691779314985225096099281238598402790980903453508017037478246504121976579337319903568288567992517078925336681211057935896194054340517026068944238329214966222204819479770933126826661341476734814312899014032574407526200631739687959512288346293576207445958634229435857166236313727563160707296415679553090623635962709483101996424652415743375213117787542769679397996640384273554041861284223509369134054845454783517334178475128440433047946299333455957249288786209227700161494785186906443677789400631469228863185044441138099927074830922305861296842258918831439233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a24609ca413abd8d9c518c71029f80de2c9e2bc2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b13f1c927b92b05a25b338fb9c07a4265032e351 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server3.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'krita.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.krita.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.startssl.com/policy' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc40000015553a8c02f00000403004830460221008f99541ad59620b78d2be4a21df537051c6ff8c3f3bb0d76dcd5181cd5687a7d022100f2cbeba04966dc216d2cd86df1e4832ee7af1534453c3910632989bacf3cc9ab007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015553a8c0450000040300473045022100dfd4c2c2bd872b21d1a039964dc04cbbce6a149b32c0bc875c78edfc40b11a5e02205ce9e46c93fc6343b83a024a08c1cab84ba7cc5990fad8f24342b982843b92e3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002d17712cfe3d2cae229e52eec07568c6113d182be48b9635dda9f8b50cda3f2c4693f4bfa48913cb661e2932a65ca3b2a57fa82ebe398be1c1e5d0ef04073350521446c0a29e0ed29c30a2cc54c66aa377bcc6c862a66e92159d561338b63c82f37279157a7d924cfe3dc9250e7f0e8dd7f644ae32615c6b788dc706802752b7822bdca630284f05446e33db19776258e1d171d93a006e74294f7e80387b267d3f1e3706a5620951850279f783422a04172b1390923ce3a9b928d4dd50b19a681021cf688b9b68491de44847abc12a22ecba6f29a1c715231422a0e48e2364933654f5cb011a2d0ae69e3943999f75b9d682d948e5fc45ed901e7de042e26662