portal.themarkus.at
Issued by StartCom Class 1 DV Server CA
About this certificate
This digital certificate with serial number 2d:b3:19:56:b7:cb:11:ea:a9:63:42:c9:64:fb:e2:f9 was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=portal.themarkus.at,C=AT
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 2d:b3:19:56:b7:cb:11:ea:a9:63:42:c9:64:fb:e2:f9Serial Number (int): 60745194878742269292333820460566045433
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: f6:da:b3:28:9c:83:35:f2:01:25:f8:de:76:86:1f:6c:de:29:a7:31
AuthorityKeyId: d7:91:4e:01:c4:b0:bf:f8:c8:67:93:44:9c:e7:33:fa:ad:93:0c:af
Fingerprint (sha1): db:45:aa:fa:74:e5:b8:42:c1:e6:43:0d:1b:c4:ba:85:40:fd:0e:8d
Fingerprint (sha256): 67:07:86:64:86:a9:ea:fb:12:5d:b5:5f:26:ae:6d:ec:7f:14:8c:03:1f:46:75:b4:ca:51:6e:e0:0b:ec:cf:9a
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server1.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server1.crl
Check the revocation status for certificate portal.themarkus.at
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for portal.themarkus.at
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
portal.themarkus.at
www.portal.themarkus.at
www.portal.themarkus.at
Other certificates including the domain name themarkus.at
(limited to 100 certificates)
nextcloud.themarkus.at
chat.themarkus.at
*.themarkus.at
rss.themarkus.at
jira.themarkus.at
svn.themarkus.at
cdn.themarkus.at
portal.themarkus.at
*.themarkus.at
svn.themarkus.at
jira.themarkus.at
themarkus.at
v.themarkus.at
themarkus.at
themarkus.at
git.themarkus.at
*.themarkus.at
*.themarkus.at
themarkus.at
themarkus.at
themarkus.at
jira.themarkus.at
themarkus.at
fsync.themarkus.at
themarkus.at
themarkus.at
themarkus.at
*.themarkus.at
themarkus.at
themarkus.at
*.themarkus.at
themarkus.at
chat.themarkus.at
*.themarkus.at
rss.themarkus.at
jira.themarkus.at
svn.themarkus.at
cdn.themarkus.at
portal.themarkus.at
*.themarkus.at
svn.themarkus.at
jira.themarkus.at
themarkus.at
v.themarkus.at
themarkus.at
themarkus.at
git.themarkus.at
*.themarkus.at
*.themarkus.at
themarkus.at
themarkus.at
themarkus.at
jira.themarkus.at
themarkus.at
fsync.themarkus.at
themarkus.at
themarkus.at
themarkus.at
*.themarkus.at
themarkus.at
themarkus.at
*.themarkus.at
themarkus.at
Certificate
The complete raw certificate details for portal.themarkus.at in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHjCCBQagAwIBAgIQLbMZVrfLEeqpY0LJZPvi+TANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE2MDgyNjEwMTgzMloXDTE3MDgy NjEwMTgzMlowKzELMAkGA1UEBhMCQVQxHDAaBgNVBAMME3BvcnRhbC50aGVtYXJr dXMuYXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDE37B4q0M3MfYP wyY04yTNa/yXg6ss/62wrPvptIcB7PebmJD024r5E68vLDtG9ATmeaiWMXajkZ75 MR1xOyKkPVgmSsASx3XM/PQ+CDXqeCuPYK2EWCyB2fv+wOaOoiHEmejrrAC6ORhd 9RUGBF/eQvH+XrQ7gTMk2EK3nac25h9c41WaUVKDa0LD0GYUIFt2Qs8QfXNAikeq FAPJMISRJ+68ffMvY3AEPM8LNftHFNLmBw3PoY5ziD/ZmRV/FUAjUTUsBoUEK0o3 2++JfhIuMHDtG+Zj9y30kTklN5fs3CSbhDnJ1Y7VoltrWtUunk2eHx9oNjAo+IVi BzM9FQNXX+eqGe1aBxFXPiDH6z4x0AwBvKWhq46zRqSoJs52MLU27K2PnjHhDt/b DjpfZBqlJDqogkWqYYnmcMo08ooZaQLJcJwQqDCdl1L2kPVBw34ySPdELY+IZcJ4 YIsDT221712IjEGsfBm42jyzn7D42FXGG9KwJULz/tZkrHY7ZbqhafoFyvKilSD0 3O4X9FAW5XcAbTj5BefgxIp6dA9YPEBcdMRoKIa9WwLmrCZZ8kwC3xbw3ggRn3DP Wk80whpkvmJJmbZ0dIrg1HSgbB/RWgy4VJrfwQ5Jt1sIzmLt5JRQC/jd8QP6T+S9 su5yXcbKmdoSWRtp2RyWn548DHFxPwIDAQABo4IB7zCCAeswDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAJBgNVHRMEAjAAMB0G A1UdDgQWBBT22rMonIM18gEl+N52hh9s3imnMTAfBgNVHSMEGDAWgBTXkU4BxLC/ +Mhnk0Sc5zP6rZMMrzBvBggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6 Ly9vY3NwLnN0YXJ0c3NsLmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2FpYS5zdGFy dHNzbC5jb20vY2VydHMvc2NhLnNlcnZlcjEuY3J0MDgGA1UdHwQxMC8wLaAroCmG J2h0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL3NjYS1zZXJ2ZXIxLmNybDA3BgNVHREE MDAughNwb3J0YWwudGhlbWFya3VzLmF0ghd3d3cucG9ydGFsLnRoZW1hcmt1cy5h dDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wUQYDVR0gBEow SDAIBgZngQwBAgEwPAYLKwYBBAGBtTcBAgUwLTArBggrBgEFBQcCARYfaHR0cHM6 Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeTATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEAQHH8u731kG2dmTI8ef8BEeu4cfcj+gD85DWNGRRJ 8nxQ6164aySDuGhcaVI8t7zEb7kB3gp3tc+m9eNkmPGs3MqsreeFRkhX4SodNNp3 2xCXeJ+jh4nxXNzxF8HcvTndh7h9xKotenxzzk7fFgKn8B2D4BuBDDfcoqOBocHr ExYRiC/5rEwF06QVR1TQDJ8v+U7XhSvNjlwl/sfmb2/I447irHpscqn3PRmEeAr6 dyyv13GesIX7/p6w9sSl5yzrKNtJXZmVqp6FRYjkPjS8KvWqCBYhi2GaAWTMi5iV vWxVfJyxyStivpkzaqFahKaKMapzmwYHCwhla1c2vg35Xw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxN+weKtDNzH2D8MmNOMk zWv8l4OrLP+tsKz76bSHAez3m5iQ9NuK+ROvLyw7RvQE5nmoljF2o5Ge+TEdcTsi pD1YJkrAEsd1zPz0Pgg16ngrj2CthFgsgdn7/sDmjqIhxJno66wAujkYXfUVBgRf 3kLx/l60O4EzJNhCt52nNuYfXONVmlFSg2tCw9BmFCBbdkLPEH1zQIpHqhQDyTCE kSfuvH3zL2NwBDzPCzX7RxTS5gcNz6GOc4g/2ZkVfxVAI1E1LAaFBCtKN9vviX4S LjBw7RvmY/ct9JE5JTeX7Nwkm4Q5ydWO1aJba1rVLp5Nnh8faDYwKPiFYgczPRUD V1/nqhntWgcRVz4gx+s+MdAMAbyloauOs0akqCbOdjC1Nuytj54x4Q7f2w46X2Qa pSQ6qIJFqmGJ5nDKNPKKGWkCyXCcEKgwnZdS9pD1QcN+Mkj3RC2PiGXCeGCLA09t te9diIxBrHwZuNo8s5+w+NhVxhvSsCVC8/7WZKx2O2W6oWn6BcryopUg9NzuF/RQ FuV3AG04+QXn4MSKenQPWDxAXHTEaCiGvVsC5qwmWfJMAt8W8N4IEZ9wz1pPNMIa ZL5iSZm2dHSK4NR0oGwf0VoMuFSa38EOSbdbCM5i7eSUUAv43fED+k/kvbLucl3G ypnaElkbadkclp+ePAxxcT8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 60745194878742269292333820460566045433 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 DV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-26 10:18:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-26 10:18:32 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'portal.themarkus.at' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 803174975199764547430372423022790237202889398069827757014150685503184171762124041555968430387680625444525705924450053510516435687352040201316110215579686730142086188595507781738057819594670214189461400495957717980756333023839300187443564814492046091878088095819237628180743837846768137986514024022252898556562987889816318455386864995776466024093871752030782170868585617069566959230631938665530789396010432026723120723173687053938057372104976566078324685965185403865938568502876786862283275747429147584822600232010972791013992049904546805442519020811961102235929085388601028556407349815181408342665180988843705221149303273963288629915781233647446929147150625492326897466168935739753263252557662544655159330824734409541669514843761961437186599827026622330070426229547527961965292940233742761839120344772558894231382288663315260960398236540910384589901469382254700694975341070186440653314682574974501429080934278316813538583991641639289939026794618605684421671574160324765096071655627186754080007937318782804428858099885287333964888551349540365716084050165754936159064101400845364027563124605353951560737910786076503467576317893485762315371692579470415500906486608854683995158547044010881092580694394286588634742491896432282350824550719 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f6dab3289c8335f20125f8de76861f6cde29a731 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d7914e01c4b0bff8c86793449ce733faad930caf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.themarkus.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.portal.themarkus.at' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.startssl.com/policy' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004071fcbbbdf5906d9d99323c79ff0111ebb871f723fa00fce4358d191449f27c50eb5eb86b2483b8685c69523cb7bcc46fb901de0a77b5cfa6f5e36498f1acdccaacade785464857e12a1d34da77db1097789fa38789f15cdcf117c1dcbd39dd87b87dc4aa2d7a7c73ce4edf1602a7f01d83e01b810c37dca2a381a1c1eb131611882ff9ac4c05d3a4154754d00c9f2ff94ed7852bcd8e5c25fec7e66f6fc8e38ee2ac7a6c72a9f73d1984780afa772cafd7719eb085fbfe9eb0f6c4a5e72ceb28db495d9995aa9e854588e43e34bc2af5aa0816218b619a0164cc8b9895bd6c557c9cb1c92b62be99336aa15a84a68a31aa739b06070b08656b5736be0df95f