*.engineyard.com
Issued by Starfield Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 85:0e:1e:b1:0f:c7:b6:f3 was issued on by Starfield Technologies, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
- Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)
Certificate Subject
CN=*.engineyard.com
Starfield Technologies, Inc.
Organization:
Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
Organization unit: http://certs.starfieldtech.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 85:0e:1e:b1:0f:c7:b6:f3Serial Number (int): 9587634402541156083
Serial Number lenght: 64 bits, 8 octets
SubjectKeyId: 7a:16:ee:37:f2:69:b9:b7:ca:7d:e8:8b:1a:22:57:bf:01:7b:be:25
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63
Fingerprint (sha1): 40:38:5a:f9:bc:2c:93:1a:fb:a6:27:61:c0:a3:3e:c2:c6:66:33:3b
Fingerprint (sha256): 5a:93:00:a6:ad:22:fb:17:f1:f2:72:2d:11:b0:dd:d2:b1:68:3a:4d:19:85:25:44:1f:08:cf:3b:ba:98:bb:a3
Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt
Revocation information
OCSP Server: http://ocsp.starfieldtech.com/CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-685.crl
Check the revocation status for certificate *.engineyard.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.engineyard.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.engineyard.com
engineyard.com
engineyard.com
Other certificates including the domain name engineyard.com
(limited to 100 certificates)
lp.engineyard.com
support.engineyard.com
support.engineyard.com
jirastatus.kepler-rominfo.com
support.engineyard.com
info.engineyard.com
www.engineyard.com
info.engineyard.com
support.crossover.com
secure0106.hubspot.com
secure0106.hubspot.com
www.engineyard.com
www.engineyard.com
berkeley.engineyard.com
supportsurvey.cardinal-mark.com
support.infinio.com
support.cloud.engineyard.com
www.engineyard.com
secure0106.hubspot.com
em.engineyard.com
support.engineyard.com
supportsurvey.cardinal-mark.com
supportsurvey.cardinal-mark.com
support.cloud.engineyard.com
jss.engineyard.com
support.engineyard.com
support.cloud.engineyard.com
supportsurvey.knowledgemarketing.com
blog.engineyard.com
secure0106.hubspot.com
secure0106.hubspot.com
engineyard.com
secure0106.hubspot.com
support.cloud.engineyard.com
supportsurvey.cardinal-mark.com
supportsurvey.cardinal-mark.com
support.cloud.engineyard.com
supportsurvey.cardinal-mark.com
support.cloud.engineyard.com
www.engineyard.com
secure0106.hubspot.com
secure0106.hubspot.com
secure0106.hubspot.com
info.engineyard.com
mnml.resins.engineyard.com
secure0106.hubspot.com
secure0106.hubspot.com
blog.engineyard.com
status.aldebaran.com
secure0106.hubspot.com
info.engineyard.com
support.engineyard.com
www.engineyard.com
support.cloud.engineyard.com
support.cloud.engineyard.com
secure0106.hubspot.com
support.engineyard.com
*.engineyard.com
info.engineyard.com
support.cloud.engineyard.com
supportsurvey.cardinal-mark.com
www.engineyard.com
support.cloud.engineyard.com
*.engineyard.com
secure0106.hubspot.com
*.engineyard.com
status.aldebaran.com
*.engineyard.com
info.engineyard.com
dnnsupport.dnnsoftware.com
lp.engineyard.com
secure0106.hubspot.com
support.cloud.engineyard.com
engineyard.com
jirastatus.kepler-rominfo.com
secure0106.hubspot.com
support.engineyard.com
status.aldebaran.com
www.engineyard.com
secure0106.hubspot.com
www.engineyard.com
support.cardinal-mark.com
secure0106.hubspot.com
secure0106.hubspot.com
secure0106.hubspot.com
support.cloud.engineyard.com
support.cardinal-mark.com
jirastatus.kepler-rominfo.com
support.cloud.engineyard.com
www.engineyard.com
www.engineyard.com
status.aldebaran.com
*.engineyard.com
info.engineyard.com
*.engineyard.com
info.engineyard.com
mnml.resins.engineyard.com
support.crossover.com
secure0106.hubspot.com
mnml.resins.engineyard.com
support.engineyard.com
support.engineyard.com
jirastatus.kepler-rominfo.com
support.engineyard.com
info.engineyard.com
www.engineyard.com
info.engineyard.com
support.crossover.com
secure0106.hubspot.com
secure0106.hubspot.com
www.engineyard.com
www.engineyard.com
berkeley.engineyard.com
supportsurvey.cardinal-mark.com
support.infinio.com
support.cloud.engineyard.com
www.engineyard.com
secure0106.hubspot.com
em.engineyard.com
support.engineyard.com
supportsurvey.cardinal-mark.com
supportsurvey.cardinal-mark.com
support.cloud.engineyard.com
jss.engineyard.com
support.engineyard.com
support.cloud.engineyard.com
supportsurvey.knowledgemarketing.com
blog.engineyard.com
secure0106.hubspot.com
secure0106.hubspot.com
engineyard.com
secure0106.hubspot.com
support.cloud.engineyard.com
supportsurvey.cardinal-mark.com
supportsurvey.cardinal-mark.com
support.cloud.engineyard.com
supportsurvey.cardinal-mark.com
support.cloud.engineyard.com
www.engineyard.com
secure0106.hubspot.com
secure0106.hubspot.com
secure0106.hubspot.com
info.engineyard.com
mnml.resins.engineyard.com
secure0106.hubspot.com
secure0106.hubspot.com
blog.engineyard.com
status.aldebaran.com
secure0106.hubspot.com
info.engineyard.com
support.engineyard.com
www.engineyard.com
support.cloud.engineyard.com
support.cloud.engineyard.com
secure0106.hubspot.com
support.engineyard.com
*.engineyard.com
info.engineyard.com
support.cloud.engineyard.com
supportsurvey.cardinal-mark.com
www.engineyard.com
support.cloud.engineyard.com
*.engineyard.com
secure0106.hubspot.com
*.engineyard.com
status.aldebaran.com
*.engineyard.com
info.engineyard.com
dnnsupport.dnnsoftware.com
lp.engineyard.com
secure0106.hubspot.com
support.cloud.engineyard.com
engineyard.com
jirastatus.kepler-rominfo.com
secure0106.hubspot.com
support.engineyard.com
status.aldebaran.com
www.engineyard.com
secure0106.hubspot.com
www.engineyard.com
support.cardinal-mark.com
secure0106.hubspot.com
secure0106.hubspot.com
secure0106.hubspot.com
support.cloud.engineyard.com
support.cardinal-mark.com
jirastatus.kepler-rominfo.com
support.cloud.engineyard.com
www.engineyard.com
www.engineyard.com
status.aldebaran.com
*.engineyard.com
info.engineyard.com
*.engineyard.com
info.engineyard.com
mnml.resins.engineyard.com
support.crossover.com
secure0106.hubspot.com
mnml.resins.engineyard.com
Certificate
The complete raw certificate details for *.engineyard.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGwTCCBamgAwIBAgIJAIUOHrEPx7bzMA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy MB4XDTI0MDMxMDE0MzEwOFoXDTI1MDQxMTE0MzEwOFowGzEZMBcGA1UEAwwQKi5l bmdpbmV5YXJkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMqw cX9iXLWFa7cxECM8IRaZHk/JEvpNt37+wOdtcM7mVoC3SCoZpv1s1H2mWQSGQw5H rwa9yQZem/AZGNDbd9iS725h1gYcwhn06tIDAB0fYElAFwasfRixJ6RznUfQeKtB deydkqKxyVOHu1rv6RJ04qQkct8BdRZ6omMs7IQ7OYPCZDGknccY6av5jgyIG0LX iyn3USMVc2hz11sCytQb+s98hJfP6LAnwEYcO2PLACKutrEJlvup4ajTgMLRf1Ow u8mKuTkuplOXjEFkb8iHQb6yPE6qAs6ghqa0snoPq1s7vM7w402NCQbc+narX27u /njTTH1ulyfUPo0K0UkCAwEAAaOCA1owggNWMAwGA1UdEwEB/wQCMAAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA9BgNVHR8E NjA0MDKgMKAuhixodHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3NmaWcyczEt Njg1LmNybDBjBgNVHSAEXDBaME4GC2CGSAGG/W4BBxcBMD8wPQYIKwYBBQUHAgEW MWh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9y eS8wCAYGZ4EMAQIBMIGCBggrBgEFBQcBAQR2MHQwKgYIKwYBBQUHMAGGHmh0dHA6 Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29tLzBGBggrBgEFBQcwAoY6aHR0cDovL2Nl cnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3NmaWcyLmNy dDAfBgNVHSMEGDAWgBQlRYFoUCY4PTstLL7Natm2PbNmYzArBgNVHREEJDAighAq LmVuZ2luZXlhcmQuY29tgg5lbmdpbmV5YXJkLmNvbTAdBgNVHQ4EFgQUehbuN/Jp ubfKfeiLGiJXvwF7viUwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AE51oydc mhDDOFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjijGcQQAAAQDAEcwRQIgUwKF KlH1r0CAsLlGVVejSuuzJGVa+8/LWm+y4qxXM78CIQCA4StqTm5DhxsbP034tzuF XcVKR5Lct9A9NtA1az/a7wB2AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6M Lnm4AAABjijGcgoAAAQDAEcwRQIgQ/iPJAg0+1le7wRrMG35ySgpBS/j/+wHQMeD aH4c35ECIQCfJlKjOAMLubDzUSlBvJRRAy2VGJ/WqsvVfgW4M7m57AB3AMz7D2qF cQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAABjijGcqoAAAQDAEgwRgIhAO/r EGiXNQVoPEJRDCRuyaWCS9tEMNTkEiAxlo6fyu/cAiEAnTwf4Oi9TYQ6ArdMLJ+8 xLURLd8e9tZvbrGQubABb0IwDQYJKoZIhvcNAQELBQADggEBAHMocjB52ic4T69X YbA3Da3Rh+tEwaV0CX1y0SfMApY1XGv1ijOTQIHY5ce6wGj0EsTfRqeW50yXgHe9 kiUTs7OXhzb3zjFAQu0wqT59bA6g8VfRxDlj4G1EBtdqcVf39WEBNI66oBVMj1Co BKDNnrlRZMJkxsc3ilBz7MS0TUFgCBkzM2WI+yeg2Bynfg+uCad2YF/rHBHD2jWu 4XAaZHurE4DWC5xEQpIM9aG2XYM/YKMa8LHaOhRwCODtLljkvjnVh7RG4ZqRZ1b7 xGPnZ8SB36VpMOONO8si6Q/bV2sZZdtmG8ZYiMEOJB5Ei0eiA93GhDplc7xhV2rt DJjUldo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrBxf2JctYVrtzEQIzwh FpkeT8kS+k23fv7A521wzuZWgLdIKhmm/WzUfaZZBIZDDkevBr3JBl6b8BkY0Nt3 2JLvbmHWBhzCGfTq0gMAHR9gSUAXBqx9GLEnpHOdR9B4q0F17J2SorHJU4e7Wu/p EnTipCRy3wF1FnqiYyzshDs5g8JkMaSdxxjpq/mODIgbQteLKfdRIxVzaHPXWwLK 1Bv6z3yEl8/osCfARhw7Y8sAIq62sQmW+6nhqNOAwtF/U7C7yYq5OS6mU5eMQWRv yIdBvrI8TqoCzqCGprSyeg+rWzu8zvDjTY0JBtz6dqtfbu7+eNNMfW6XJ9Q+jQrR SQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9587634402541156083 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 14:31:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-11 14:31:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.engineyard.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25587145061830906283393010237209129840166877941215960183760149468724772602826165991487100792444910226652674295938776729919039203203072513297150186041894622262103719670730182519351032567627969817793402298747494029076191106342163343986389569219107718929646465963922772948558432131975460456929590024592455818562051383784249460848083639064153588564001837708868444581995639138258357737782706109202691821721595521054425744000270765421202091171778915497174209814041422055390409336868139734462540655440537849978672481052952861489218905793153667937584366197873985274149159466253513775695320868559262478044921550866274541293897 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-685.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engineyard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'engineyard.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7a16ee37f269b9b7ca7de88b1a2257bf017bbe25 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e28c67104000004030047304502205302852a51f5af4080b0b9465557a34aebb324655afbcfcb5a6fb2e2ac5733bf02210080e12b6a4e6e43871b1b3f4df8b73b855dc54a4792dcb7d03d36d0356b3fdaef0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e28c6720a0000040300473045022043f88f240834fb595eef046b306df9c92829052fe3ffec0740c783687e1cdf910221009f2652a338030bb9b0f3512941bc9451032d95189fd6aacbd57e05b833b9b9ec007700ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db00000018e28c672aa0000040300483046022100efeb1068973505683c42510c246ec9a5824bdb4430d4e4122031968e9fcaefdc0221009d3c1fe0e8bd4d843a02b74c2c9fbcc4b5112ddf1ef6d66f6eb190b9b0016f42 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007328723079da27384faf5761b0370dadd187eb44c1a574097d72d127cc0296355c6bf58a33934081d8e5c7bac068f412c4df46a796e74c978077bd922513b3b3978736f7ce314042ed30a93e7d6c0ea0f157d1c43963e06d4406d76a7157f7f56101348ebaa0154c8f50a804a0cd9eb95164c264c6c7378a5073ecc4b44d4160081933336588fb27a0d81ca77e0fae09a776605feb1c11c3da35aee1701a647bab1380d60b9c4442920cf5a1b65d833f60a31af0b1da3a147008e0ed2e58e4be39d587b446e19a916756fbc463e767c481dfa56930e38d3bcb22e90fdb576b1965db661bc65888c10e241e448b47a203ddc6843a6573bc61576aed0c98d495da