blogs.mbgsd.org
- Mechanicsburg Area School District -
Issued by StartCom Class 2 Primary Intermediate Server CA
About this certificate
This digital certificate with serial number 27:1f was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Mechanicsburg Area School District
Organization:
Mechanicsburg Area School District
Organization unit: StartCom Verified Certificate Member
Organization unit: StartCom Verified Certificate Member
State / Province:
Pennsylvania
Locality: Mechanicsburg
Country: US
Locality: Mechanicsburg
Country: US
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Organization unit: Secure Digital Certificate Signing
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 27:1fSerial Number (int): 10015
Serial Number lenght: 14 bits, 2 octets
SubjectKeyId: de:a8:bb:16:42:62:5c:b7:e3:fa:53:a6:27:e2:44:d3:80:e5:3f:65
AuthorityKeyId: 11:db:23:45:fd:54:cc:6a:71:6f:84:8a:03:d7:be:f7:01:2f:26:86
Fingerprint (sha1): b1:21:18:7e:b8:02:b4:fa:32:92:02:a8:8e:76:12:e1:1a:58:a0:cb
Fingerprint (sha256): 33:f0:2c:d1:44:12:4f:5d:20:1e:32:35:f5:58:5e:86:c1:3d:bf:82:2e:b7:19:23:0e:d1:b1:65:ed:86:54:3b
Issuing Certificate URL: http://www.startssl.com/certs/sub.class2.server.ca.crt
Revocation information
OCSP Server: http://ocsp.startssl.com/sub/class2/server/caCRL Distribution Point: http://www.startssl.com/crt2-crl.crl
CRL Distribution Point: http://crl.startssl.com/crt2-crl.crl
Check the revocation status for certificate blogs.mbgsd.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for blogs.mbgsd.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
blogs.mbgsd.org
mbgsd.org
mbgsd.org
Other certificates including the domain name mbgsd.org
(limited to 100 certificates)
sapphire.mbgsd.org
www.bartlettschools.org
helpdesk.mbgsd.org
eschool.mbgsd.org
forums.mbgsd.org
adams.cleburne.k12.tx.us
0-3.texasdhhresources.org
admin.bayhaven.org
admin.aceroschools.org
6gc.mead354.org
mbgsd.org
admin.broadstreet.mbgsd.org
shepherdstown.mbgsd.org
materdeicatholic.org
libanswers.mbgsd.org
libanswers.mbgsd.org
admin.bhs.baker5j.org
stmmsa.org
admin.bms.davidson.k12.nc.us
eschool.mbgsd.org
nms.mbgsd.org
blogs.mbgsd.org
admin.elmwood.mbgsd.org
mbgsd.org
summer.materdeicatholic.org
libanswers.mbgsd.org
www.mbgsd.org
asu.mbgsd.org
adams.cleburne.k12.tx.us
bhs.bcsdk12.org
sapphire.mbgsd.org
0-3.texasdhhresources.org
admin.scs.ealas.org
admin.asgl-lausd.org
6gc.mead354.org
moodle.mbgsd.org
mbgsd.org
upperallen.mbgsd.org
mbgsd.org
blogs.mbgsd.org
blogs.mbgsd.org
elementary.troupisd.org
admin.bhs.baker5j.org
aceroschools.org
admin.bayhaven.org
www.mbgsd.org
sapphire.mbgsd.org
www.mbgsd.org
0-3.texasdhhresources.org
admin.aimschools.org
dudley.centerusd.org
admin.bms.davidson.k12.nc.us
admin.bhs.baker5j.org
monitoring.mbgsd.org
www.sttheresaschool.com
admin.fontanar.online
0-3.texasdhhresources.org
admin.bayhaven.org
preescolar.semperaltius.edu.mx
wiki.mbgsd.org
admin.delreywoods.mpusd.net
admin.bayhaven.org
admin.bayhaven.org
mech49.mbgsd.org
admin.bhs.baker5j.org
eschool.mbgsd.org
monroe.k12.tn.us
admin.aceroschools.org
admin.bhs.baker5j.org
admin.bayhaven.org
eschool.mbgsd.org
0-3.texasdhhresources.org
admin.aimschools.org
sussexcountycatholicschools.org
admin.mynhas.org
admin.aceroschools.org
www.mbgsd.org
0-3.texasdhhresources.org
remote.mbgsd.org
admin.bhs.baker5j.org
breed.exteraschools.org
adams.cleburne.k12.tx.us
admin.bayhaven.org
remote.mbgsd.org
admin.delreywoods.mpusd.net
mbgsd.org
admin.highschool.mbgsd.org
eschool.mbgsd.org
troupisd.org
mbgsd.org
admin.bhs.baker5j.org
admin.bayhaven.org
libanswers.mbgsd.org
admin.bhs.baker5j.org
admin.davidson.k12.nc.us
upperallen.mbgsd.org
admin.dimensions.org
admin.bhs.baker5j.org
admin.highschool.mbgsd.org
southeast.varnett.org
www.bartlettschools.org
helpdesk.mbgsd.org
eschool.mbgsd.org
forums.mbgsd.org
adams.cleburne.k12.tx.us
0-3.texasdhhresources.org
admin.bayhaven.org
admin.aceroschools.org
6gc.mead354.org
mbgsd.org
admin.broadstreet.mbgsd.org
shepherdstown.mbgsd.org
materdeicatholic.org
libanswers.mbgsd.org
libanswers.mbgsd.org
admin.bhs.baker5j.org
stmmsa.org
admin.bms.davidson.k12.nc.us
eschool.mbgsd.org
nms.mbgsd.org
blogs.mbgsd.org
admin.elmwood.mbgsd.org
mbgsd.org
summer.materdeicatholic.org
libanswers.mbgsd.org
www.mbgsd.org
asu.mbgsd.org
adams.cleburne.k12.tx.us
bhs.bcsdk12.org
sapphire.mbgsd.org
0-3.texasdhhresources.org
admin.scs.ealas.org
admin.asgl-lausd.org
6gc.mead354.org
moodle.mbgsd.org
mbgsd.org
upperallen.mbgsd.org
mbgsd.org
blogs.mbgsd.org
blogs.mbgsd.org
elementary.troupisd.org
admin.bhs.baker5j.org
aceroschools.org
admin.bayhaven.org
www.mbgsd.org
sapphire.mbgsd.org
www.mbgsd.org
0-3.texasdhhresources.org
admin.aimschools.org
dudley.centerusd.org
admin.bms.davidson.k12.nc.us
admin.bhs.baker5j.org
monitoring.mbgsd.org
www.sttheresaschool.com
admin.fontanar.online
0-3.texasdhhresources.org
admin.bayhaven.org
preescolar.semperaltius.edu.mx
wiki.mbgsd.org
admin.delreywoods.mpusd.net
admin.bayhaven.org
admin.bayhaven.org
mech49.mbgsd.org
admin.bhs.baker5j.org
eschool.mbgsd.org
monroe.k12.tn.us
admin.aceroschools.org
admin.bhs.baker5j.org
admin.bayhaven.org
eschool.mbgsd.org
0-3.texasdhhresources.org
admin.aimschools.org
sussexcountycatholicschools.org
admin.mynhas.org
admin.aceroschools.org
www.mbgsd.org
0-3.texasdhhresources.org
remote.mbgsd.org
admin.bhs.baker5j.org
breed.exteraschools.org
adams.cleburne.k12.tx.us
admin.bayhaven.org
remote.mbgsd.org
admin.delreywoods.mpusd.net
mbgsd.org
admin.highschool.mbgsd.org
eschool.mbgsd.org
troupisd.org
mbgsd.org
admin.bhs.baker5j.org
admin.bayhaven.org
libanswers.mbgsd.org
admin.bhs.baker5j.org
admin.davidson.k12.nc.us
upperallen.mbgsd.org
admin.dimensions.org
admin.bhs.baker5j.org
admin.highschool.mbgsd.org
southeast.varnett.org
Certificate
The complete raw certificate details for blogs.mbgsd.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHBjCCBe6gAwIBAgICJx8wDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAklM MRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRh bCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAy IFByaW1hcnkgSW50ZXJtZWRpYXRlIFNlcnZlciBDQTAeFw0xMDA2MTUwMjEzMDBa Fw0xMjA2MTUxMjE2NTJaMIH5MSAwHgYDVQQNExcyMTIxOTYtQVo0TDllQUs0b0Ey Vk43YzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBlbm5zeWx2YW5pYTEWMBQGA1UE BxMNTWVjaGFuaWNzYnVyZzErMCkGA1UEChMiTWVjaGFuaWNzYnVyZyBBcmVhIFNj aG9vbCBEaXN0cmljdDEtMCsGA1UECxMkU3RhcnRDb20gVmVyaWZpZWQgQ2VydGlm aWNhdGUgTWVtYmVyMRgwFgYDVQQDEw9ibG9ncy5tYmdzZC5vcmcxIzAhBgkqhkiG 9w0BCQEWFHBvc3RtYXN0ZXJAbWJnc2Qub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA0Agxh16JNLnOmFkUwDT5p0esRoi4Sm0PwNUKTXv06YnmB52e 1gWIleQRxRZJP52zT+YXzS6R47qY+iVs782oYkUoqMLRttNBORKXUkteQ7FbgORh AOGn6XdXxKQZyRt0O37Dzt97TCVm+dsze0vaSG28hONYdjOPZLtYKNnuuW8M/SMT QVXw6ByY8LNysPn76GF7SfySi6RAphIDLUI4WWXmZHIPRYKS0JiseRmNnJmMo+qi +Rh1qe9qhoc/5A70z8gf3pyI3K5tztWr4XXDw3c477y1OKh1sn7NDgm10fIJOGzj mKsWRWBw0XAheNykjc2bETCAd0o42UTWzO4B9wIDAQABo4IDATCCAv0wCQYDVR0T BAIwADALBgNVHQ8EBAMCA6gwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB MB0GA1UdDgQWBBTeqLsWQmJct+P6U6Yn4kTTgOU/ZTAfBgNVHSMEGDAWgBQR2yNF /VTManFvhIoD1773AS8mhjAlBgNVHREEHjAcgg9ibG9ncy5tYmdzZC5vcmeCCW1i Z3NkLm9yZzCCAUIGA1UdIASCATkwggE1MIIBMQYLKwYBBAGBtTcBAgIwggEgMC4G CCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMDQG CCsGAQUFBwIBFihodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9pbnRlcm1lZGlhdGUu cGRmMIG3BggrBgEFBQcCAjCBqjAUFg1TdGFydENvbSBMdGQuMAMCAQEagZFMaW1p dGVkIExpYWJpbGl0eSwgc2VlIHNlY3Rpb24gKkxlZ2FsIExpbWl0YXRpb25zKiBv ZiB0aGUgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUG9saWN5IGF2 YWlsYWJsZSBhdCBodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMGEG A1UdHwRaMFgwKqAooCaGJGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2NydDItY3Js LmNybDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0Mi1jcmwuY3Js MIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFy dHNzbC5jb20vc3ViL2NsYXNzMi9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6 Ly93d3cuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczIuc2VydmVyLmNhLmNy dDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcN AQEFBQADggEBAOD9GMIUjSYKRthjziOn4eBq73gWYydgDVNsgvTTjhm78MISfRHk TMa9fHHR0SiUm08LZu3/NligqYxyb7zXiJd79i8sbiI36lie6/JTPRADCpFo2Rlx uyse2k2LjZesCE7I5/rlcfq4R5/mrevG7mghMKwbPZIPB7kGk9nYL1vLazblMenI FZPhaYf8Vi30NTjnkpTOwkYMXlJY92nzIZECxyjJNCKsNWwJ9ZCETE4altZLtFgO Huzy1zAqoygOB9A0Y/0vxLGYXmW0pDSOCWUieG+PQn8TjufCs8ucvv/QlfIzceEI Lsv46ZxajOrhYvKRLWHSKPJ5nbLGYkEePFI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Agxh16JNLnOmFkUwDT5 p0esRoi4Sm0PwNUKTXv06YnmB52e1gWIleQRxRZJP52zT+YXzS6R47qY+iVs782o YkUoqMLRttNBORKXUkteQ7FbgORhAOGn6XdXxKQZyRt0O37Dzt97TCVm+dsze0va SG28hONYdjOPZLtYKNnuuW8M/SMTQVXw6ByY8LNysPn76GF7SfySi6RAphIDLUI4 WWXmZHIPRYKS0JiseRmNnJmMo+qi+Rh1qe9qhoc/5A70z8gf3pyI3K5tztWr4XXD w3c477y1OKh1sn7NDgm10fIJOGzjmKsWRWBw0XAheNykjc2bETCAd0o42UTWzO4B 9wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10015 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-06-15 02:13:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-06-15 12:16:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '212196-AZ4L9eAK4oA2VN7c' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pennsylvania' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mechanicsburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mechanicsburg Area School District' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Verified Certificate Member' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blogs.mbgsd.org' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26261607784481243467596635323116374418831084487285381026131785356275759369412867140879717493889188032314725584184794959677091281838679231690338362205896485688227586206880383909318109728577922526314921414547404632045526966820369943087313609006969652276236849984892860749889104403269239010174669446592534221396983483430912327383785479916310312673517912810238593174500633818171472915653523597250203109389289350278975976169121206501756698488570622498415568784987143621756747429623142990823894653193643139268819640896608880070867064030418944676834491310065985589376860587144477238396059686867621950060589534624032077251063 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dea8bb1642625cb7e3fa53a627e244d380e53f65 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 11db2345fd54cc6a716f848a03d7bef7012f2686 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blogs.mbgsd.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbgsd.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (313 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/intermediate.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Ltd.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [76 105 109 105 116 101 100 32 76 105 97 98 105 108 105 116 121 44 32 115 101 101 32 115 101 99 116 105 111 110 32 42 76 101 103 97 108 32 76 105 109 105 116 97 116 105 111 110 115 42 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 101 114 116 105 102 105 99 97 116 105 111 110 32 65 117 116 104 111 114 105 116 121 32 80 111 108 105 99 121 32 97 118 97 105 108 97 98 108 101 32 97 116 32 104 116 116 112 58 47 47 119 119 119 46 115 116 97 114 116 115 115 108 46 99 111 109 47 112 111 108 105 99 121 46 112 100 102] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/crt2-crl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt2-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class2/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/certs/sub.class2.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00e0fd18c2148d260a46d863ce23a7e1e06aef78166327600d536c82f4d38e19bbf0c2127d11e44cc6bd7c71d1d128949b4f0b66edff3658a0a98c726fbcd788977bf62f2c6e2237ea589eebf2533d10030a9168d91971bb2b1eda4d8b8d97ac084ec8e7fae571fab8479fe6adebc6ee682130ac1b3d920f07b90693d9d82f5bcb6b36e531e9c81593e16987fc562df43538e79294cec2460c5e5258f769f3219102c728c93422ac356c09f590844c4e1a96d64bb4580e1eecf2d7302aa3280e07d03463fd2fc4b1985e65b4a4348e096522786f8f427f138ee7c2b3cb9cbeffd095f23371e1082ecbf8e99c5a8ceae162f2912d61d228f2799db2c662411e3c52