blogs.mbgsd.org

- Mechanicsburg Area School District -

Issued by StartCom Class 2 Primary Intermediate Server CA

About this certificate

This digital certificate with serial number 27:1f was issued on by StartCom Ltd..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
  • Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

Mechanicsburg Area School District

Organization: Mechanicsburg Area School District
Organization unit: StartCom Verified Certificate Member
State / Province: Pennsylvania
Locality: Mechanicsburg
Country: US

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Country: IL

This certificate has expire since

Certificate Details

Serial Number (hex): 27:1f
Serial Number (int): 10015
Serial Number lenght: 14 bits, 2 octets

SubjectKeyId: de:a8:bb:16:42:62:5c:b7:e3:fa:53:a6:27:e2:44:d3:80:e5:3f:65
AuthorityKeyId: 11:db:23:45:fd:54:cc:6a:71:6f:84:8a:03:d7:be:f7:01:2f:26:86

Fingerprint (sha1): b1:21:18:7e:b8:02:b4:fa:32:92:02:a8:8e:76:12:e1:1a:58:a0:cb
Fingerprint (sha256): 33:f0:2c:d1:44:12:4f:5d:20:1e:32:35:f5:58:5e:86:c1:3d:bf:82:2e:b7:19:23:0e:d1:b1:65:ed:86:54:3b

Issuing Certificate URL: http://www.startssl.com/certs/sub.class2.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class2/server/ca
CRL Distribution Point: http://www.startssl.com/crt2-crl.crl
CRL Distribution Point: http://crl.startssl.com/crt2-crl.crl

Check the revocation status for certificate blogs.mbgsd.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for blogs.mbgsd.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

blogs.mbgsd.org
mbgsd.org

Other certificates including the domain name mbgsd.org

(limited to 100 certificates)
sapphire.mbgsd.org
www.bartlettschools.org
helpdesk.mbgsd.org
eschool.mbgsd.org
forums.mbgsd.org
adams.cleburne.k12.tx.us
0-3.texasdhhresources.org
admin.bayhaven.org
admin.aceroschools.org
6gc.mead354.org
mbgsd.org
admin.broadstreet.mbgsd.org
shepherdstown.mbgsd.org
materdeicatholic.org
libanswers.mbgsd.org
libanswers.mbgsd.org
admin.bhs.baker5j.org
stmmsa.org
admin.bms.davidson.k12.nc.us
eschool.mbgsd.org
nms.mbgsd.org
blogs.mbgsd.org
admin.elmwood.mbgsd.org
mbgsd.org
summer.materdeicatholic.org
libanswers.mbgsd.org
www.mbgsd.org
asu.mbgsd.org
adams.cleburne.k12.tx.us
bhs.bcsdk12.org
sapphire.mbgsd.org
0-3.texasdhhresources.org
admin.scs.ealas.org
admin.asgl-lausd.org
6gc.mead354.org
moodle.mbgsd.org
mbgsd.org
upperallen.mbgsd.org
mbgsd.org
blogs.mbgsd.org
blogs.mbgsd.org
elementary.troupisd.org
admin.bhs.baker5j.org
aceroschools.org
admin.bayhaven.org
www.mbgsd.org
sapphire.mbgsd.org
www.mbgsd.org
0-3.texasdhhresources.org
admin.aimschools.org
dudley.centerusd.org
admin.bms.davidson.k12.nc.us
admin.bhs.baker5j.org
monitoring.mbgsd.org
www.sttheresaschool.com
admin.fontanar.online
0-3.texasdhhresources.org
admin.bayhaven.org
preescolar.semperaltius.edu.mx
wiki.mbgsd.org
admin.delreywoods.mpusd.net
admin.bayhaven.org
admin.bayhaven.org
mech49.mbgsd.org
admin.bhs.baker5j.org
eschool.mbgsd.org
monroe.k12.tn.us
admin.aceroschools.org
admin.bhs.baker5j.org
admin.bayhaven.org
eschool.mbgsd.org
0-3.texasdhhresources.org
admin.aimschools.org
sussexcountycatholicschools.org
admin.mynhas.org
admin.aceroschools.org
www.mbgsd.org
0-3.texasdhhresources.org
remote.mbgsd.org
admin.bhs.baker5j.org
breed.exteraschools.org
adams.cleburne.k12.tx.us
admin.bayhaven.org
remote.mbgsd.org
admin.delreywoods.mpusd.net
mbgsd.org
admin.highschool.mbgsd.org
eschool.mbgsd.org
troupisd.org
mbgsd.org
admin.bhs.baker5j.org
admin.bayhaven.org
libanswers.mbgsd.org
admin.bhs.baker5j.org
admin.davidson.k12.nc.us
upperallen.mbgsd.org
admin.dimensions.org
admin.bhs.baker5j.org
admin.highschool.mbgsd.org
southeast.varnett.org

Certificate

The complete raw certificate details for blogs.mbgsd.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHBjCCBe6gAwIBAgICJx8wDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAklM
MRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRh
bCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAy
IFByaW1hcnkgSW50ZXJtZWRpYXRlIFNlcnZlciBDQTAeFw0xMDA2MTUwMjEzMDBa
Fw0xMjA2MTUxMjE2NTJaMIH5MSAwHgYDVQQNExcyMTIxOTYtQVo0TDllQUs0b0Ey
Vk43YzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBlbm5zeWx2YW5pYTEWMBQGA1UE
BxMNTWVjaGFuaWNzYnVyZzErMCkGA1UEChMiTWVjaGFuaWNzYnVyZyBBcmVhIFNj
aG9vbCBEaXN0cmljdDEtMCsGA1UECxMkU3RhcnRDb20gVmVyaWZpZWQgQ2VydGlm
aWNhdGUgTWVtYmVyMRgwFgYDVQQDEw9ibG9ncy5tYmdzZC5vcmcxIzAhBgkqhkiG
9w0BCQEWFHBvc3RtYXN0ZXJAbWJnc2Qub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0Agxh16JNLnOmFkUwDT5p0esRoi4Sm0PwNUKTXv06YnmB52e
1gWIleQRxRZJP52zT+YXzS6R47qY+iVs782oYkUoqMLRttNBORKXUkteQ7FbgORh
AOGn6XdXxKQZyRt0O37Dzt97TCVm+dsze0vaSG28hONYdjOPZLtYKNnuuW8M/SMT
QVXw6ByY8LNysPn76GF7SfySi6RAphIDLUI4WWXmZHIPRYKS0JiseRmNnJmMo+qi
+Rh1qe9qhoc/5A70z8gf3pyI3K5tztWr4XXDw3c477y1OKh1sn7NDgm10fIJOGzj
mKsWRWBw0XAheNykjc2bETCAd0o42UTWzO4B9wIDAQABo4IDATCCAv0wCQYDVR0T
BAIwADALBgNVHQ8EBAMCA6gwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
MB0GA1UdDgQWBBTeqLsWQmJct+P6U6Yn4kTTgOU/ZTAfBgNVHSMEGDAWgBQR2yNF
/VTManFvhIoD1773AS8mhjAlBgNVHREEHjAcgg9ibG9ncy5tYmdzZC5vcmeCCW1i
Z3NkLm9yZzCCAUIGA1UdIASCATkwggE1MIIBMQYLKwYBBAGBtTcBAgIwggEgMC4G
CCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMDQG
CCsGAQUFBwIBFihodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9pbnRlcm1lZGlhdGUu
cGRmMIG3BggrBgEFBQcCAjCBqjAUFg1TdGFydENvbSBMdGQuMAMCAQEagZFMaW1p
dGVkIExpYWJpbGl0eSwgc2VlIHNlY3Rpb24gKkxlZ2FsIExpbWl0YXRpb25zKiBv
ZiB0aGUgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUG9saWN5IGF2
YWlsYWJsZSBhdCBodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMGEG
A1UdHwRaMFgwKqAooCaGJGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2NydDItY3Js
LmNybDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0Mi1jcmwuY3Js
MIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFy
dHNzbC5jb20vc3ViL2NsYXNzMi9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6
Ly93d3cuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczIuc2VydmVyLmNhLmNy
dDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcN
AQEFBQADggEBAOD9GMIUjSYKRthjziOn4eBq73gWYydgDVNsgvTTjhm78MISfRHk
TMa9fHHR0SiUm08LZu3/NligqYxyb7zXiJd79i8sbiI36lie6/JTPRADCpFo2Rlx
uyse2k2LjZesCE7I5/rlcfq4R5/mrevG7mghMKwbPZIPB7kGk9nYL1vLazblMenI
FZPhaYf8Vi30NTjnkpTOwkYMXlJY92nzIZECxyjJNCKsNWwJ9ZCETE4altZLtFgO
Huzy1zAqoygOB9A0Y/0vxLGYXmW0pDSOCWUieG+PQn8TjufCs8ucvv/QlfIzceEI
Lsv46ZxajOrhYvKRLWHSKPJ5nbLGYkEePFI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Agxh16JNLnOmFkUwDT5
p0esRoi4Sm0PwNUKTXv06YnmB52e1gWIleQRxRZJP52zT+YXzS6R47qY+iVs782o
YkUoqMLRttNBORKXUkteQ7FbgORhAOGn6XdXxKQZyRt0O37Dzt97TCVm+dsze0va
SG28hONYdjOPZLtYKNnuuW8M/SMTQVXw6ByY8LNysPn76GF7SfySi6RAphIDLUI4
WWXmZHIPRYKS0JiseRmNnJmMo+qi+Rh1qe9qhoc/5A70z8gf3pyI3K5tztWr4XXD
w3c477y1OKh1sn7NDgm10fIJOGzjmKsWRWBw0XAheNykjc2bETCAd0o42UTWzO4B
9wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10015
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 Primary Intermediate Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-06-15 02:13:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-06-15 12:16:52 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '212196-AZ4L9eAK4oA2VN7c'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mechanicsburg'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mechanicsburg Area School District'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Verified Certificate Member'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blogs.mbgsd.org'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26261607784481243467596635323116374418831084487285381026131785356275759369412867140879717493889188032314725584184794959677091281838679231690338362205896485688227586206880383909318109728577922526314921414547404632045526966820369943087313609006969652276236849984892860749889104403269239010174669446592534221396983483430912327383785479916310312673517912810238593174500633818171472915653523597250203109389289350278975976169121206501756698488570622498415568784987143621756747429623142990823894653193643139268819640896608880070867064030418944676834491310065985589376860587144477238396059686867621950060589534624032077251063
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							03a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dea8bb1642625cb7e3fa53a627e244d380e53f65
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 11db2345fd54cc6a716f848a03d7bef7012f2686
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blogs.mbgsd.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbgsd.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (313 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/intermediate.pdf'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Ltd.'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [76 105 109 105 116 101 100 32 76 105 97 98 105 108 105 116 121 44 32 115 101 101 32 115 101 99 116 105 111 110 32 42 76 101 103 97 108 32 76 105 109 105 116 97 116 105 111 110 115 42 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 101 114 116 105 102 105 99 97 116 105 111 110 32 65 117 116 104 111 114 105 116 121 32 80 111 108 105 99 121 32 97 118 97 105 108 97 98 108 101 32 97 116 32 104 116 116 112 58 47 47 119 119 119 46 115 116 97 114 116 115 115 108 46 99 111 109 47 112 111 108 105 99 121 46 112 100 102]
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/crt2-crl.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt2-crl.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class2/server/ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/certs/sub.class2.server.ca.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00e0fd18c2148d260a46d863ce23a7e1e06aef78166327600d536c82f4d38e19bbf0c2127d11e44cc6bd7c71d1d128949b4f0b66edff3658a0a98c726fbcd788977bf62f2c6e2237ea589eebf2533d10030a9168d91971bb2b1eda4d8b8d97ac084ec8e7fae571fab8479fe6adebc6ee682130ac1b3d920f07b90693d9d82f5bcb6b36e531e9c81593e16987fc562df43538e79294cec2460c5e5258f769f3219102c728c93422ac356c09f590844c4e1a96d64bb4580e1eecf2d7302aa3280e07d03463fd2fc4b1985e65b4a4348e096522786f8f427f138ee7c2b3cb9cbeffd095f23371e1082ecbf8e99c5a8ceae162f2912d61d228f2799db2c662411e3c52