webmail.nasec.de
Issued by StartCom Class 1 DV Server CA
About this certificate
This digital certificate with serial number 41:84:8d:ab:0e:e9:b2:2f:f0:2f:31:5c:4f:93:a0:bc was issued on by StartCom Ltd..
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=webmail.nasec.de,C=DE
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 41:84:8d:ab:0e:e9:b2:2f:f0:2f:31:5c:4f:93:a0:bcSerial Number (int): 87088076283731345129452057478726656188
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: b1:7b:ff:bc:9c:59:99:05:b3:b2:d6:e3:9a:db:f6:1e:f3:e8:4c:cd
AuthorityKeyId: d7:91:4e:01:c4:b0:bf:f8:c8:67:93:44:9c:e7:33:fa:ad:93:0c:af
Fingerprint (sha1): f9:cd:fc:70:f4:6e:96:01:06:d3:93:bd:3e:f3:af:cc:88:61:f7:28
Fingerprint (sha256): 79:00:67:e8:e6:d1:54:f9:b6:67:a7:23:78:ce:b0:d5:53:8e:44:46:4e:da:28:3f:62:42:ed:77:35:c2:f6:13
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server1.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server1.crl
Check the revocation status for certificate webmail.nasec.de
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for webmail.nasec.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
webmail.nasec.de
nasec.de
srv05.nasec.de
nasec.de
srv05.nasec.de
Other certificates including the domain name nasec.de
(limited to 100 certificates)
seafile.nasec.de
seafile.nasec.de
desktop.nasec.de
unistor.de
unistor.de
checkmk.nasec.de
homewiki.nasec.de
srv05.nasec.de
outbox24.de
seafile.nasec.de
seafile.nasec.de
seafile.nasec.de
www.nasec.de
unistor.de
unistor.de
www.desktop.nasec.de
outbox24.de
v22018102995674690.bestsrv.de
checkmk.nasec.de
www.nasec.de
unistor.de
wiki.unistor.de
checkmk.nasec.de
unistor.de
v22018102995674690.bestsrv.de
unistor.de
wiki.unistor.de
v22018102995674690.bestsrv.de
unistor.de
checkmk.nasec.de
unistor.de
digital-eastside.de
seafile.nasec.de
v22018102995674690.bestsrv.de
checkmk.nasec.de
www.nasec.de
support.unistor.de
unistor.de
www.klopapierkrise.de
webmail.nasec.de
seafile.nasec.de
support.unistor.de
monitor.nasec.de
outbox24.de
checkmk.nasec.de
digital-eastside.de
seafile.nasec.de
wiki.nasec.de
outbox24.de
support.unistor.de
seafile.nasec.de
wiki.nasec.de
v22018102995674690.bestsrv.de
ssl.nasec.de
digital-eastside.de
unistor.de
unistor.de
files.stephi-engert.de
mail.s-t-e.com
seafile.nasec.de
wiki.unistor.de
srv05.nasec.de
seafile.nasec.de
outbox24.de
outbox24.de
wiki.nasec.de
desktop.nasec.de
unistor.de
v22018102995674690.bestsrv.de
seafile.nasec.de
desktop.nasec.de
vz.nasec.de
wiki.unistor.de
digital-eastside.de
seafile.nasec.de
unistor.de
v22018102995674690.bestsrv.de
digital-eastside.de
www.nasec.de
support.unistor.de
outbox24.de
outbox24.de
unistor.de
checkmk.nasec.de
v22018102995674690.bestsrv.de
checkmk.nasec.de
www.nasec.de
seafile.nasec.de
wiki.unistor.de
support.unistor.de
files.stephi-engert.de
v22018102995674690.bestsrv.de
srv05.nasec.de
checkmk.nasec.de
seafile.nasec.de
webmail.nasec.de
seafile.nasec.de
seafile.nasec.de
desktop.nasec.de
unistor.de
unistor.de
checkmk.nasec.de
homewiki.nasec.de
srv05.nasec.de
outbox24.de
seafile.nasec.de
seafile.nasec.de
seafile.nasec.de
www.nasec.de
unistor.de
unistor.de
www.desktop.nasec.de
outbox24.de
v22018102995674690.bestsrv.de
checkmk.nasec.de
www.nasec.de
unistor.de
wiki.unistor.de
checkmk.nasec.de
unistor.de
v22018102995674690.bestsrv.de
unistor.de
wiki.unistor.de
v22018102995674690.bestsrv.de
unistor.de
checkmk.nasec.de
unistor.de
digital-eastside.de
seafile.nasec.de
v22018102995674690.bestsrv.de
checkmk.nasec.de
www.nasec.de
support.unistor.de
unistor.de
www.klopapierkrise.de
webmail.nasec.de
seafile.nasec.de
support.unistor.de
monitor.nasec.de
outbox24.de
checkmk.nasec.de
digital-eastside.de
seafile.nasec.de
wiki.nasec.de
outbox24.de
support.unistor.de
seafile.nasec.de
wiki.nasec.de
v22018102995674690.bestsrv.de
ssl.nasec.de
digital-eastside.de
unistor.de
unistor.de
files.stephi-engert.de
mail.s-t-e.com
seafile.nasec.de
wiki.unistor.de
srv05.nasec.de
seafile.nasec.de
outbox24.de
outbox24.de
wiki.nasec.de
desktop.nasec.de
unistor.de
v22018102995674690.bestsrv.de
seafile.nasec.de
desktop.nasec.de
vz.nasec.de
wiki.unistor.de
digital-eastside.de
seafile.nasec.de
unistor.de
v22018102995674690.bestsrv.de
digital-eastside.de
www.nasec.de
support.unistor.de
outbox24.de
outbox24.de
unistor.de
checkmk.nasec.de
v22018102995674690.bestsrv.de
checkmk.nasec.de
www.nasec.de
seafile.nasec.de
wiki.unistor.de
support.unistor.de
files.stephi-engert.de
v22018102995674690.bestsrv.de
srv05.nasec.de
checkmk.nasec.de
seafile.nasec.de
webmail.nasec.de
seafile.nasec.de
Certificate
The complete raw certificate details for webmail.nasec.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgIQQYSNqw7psi/wLzFcT5OgvDANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE3MDMyMjA4NDMwMVoXDTIwMDMy MjA4NDMwMVowKDELMAkGA1UEBhMCREUxGTAXBgNVBAMMEHdlYm1haWwubmFzZWMu ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5WZ4Xwr9VmXdzAOMr svhssBqd2YNLYV2zrLv/otIZTiuuszBptPKLdZp94EEy0hU/l7uen9zP9VBX0SAP hD/ByUElSNM/uLPL2BpsCx0kLX9u1zajRyhh3wEY/9LcEGPwwlFHV4D4NLG/6rjI tYbgnADvEjfGO8mEfABoHfg1BwJkqIZa9jn9/pm7yTmESiWfiRzVM2jGCtM1oTfI WwMfPPSQ2ZIbOIO6itGXtFiicyNxpF3/eoLI7/ux3YTuiarUv3+FYmLVL2dJVRnw nzUgq/w/GljjhPbH8wVpeU3jAYZPrwaY+DSmk3S9NU6CevxNc8/o2VRF29EQB7P3 HN/LAgMBAAGjggHtMIIB6TAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwIGCCsGAQUFBwMBMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLF7/7ycWZkFs7LW 45rb9h7z6EzNMB8GA1UdIwQYMBaAFNeRTgHEsL/4yGeTRJznM/qtkwyvMG8GCCsG AQUFBwEBBGMwYTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Auc3RhcnRzc2wuY29t MDkGCCsGAQUFBzAChi1odHRwOi8vYWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9zY2Eu c2VydmVyMS5jcnQwOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5zdGFydHNz bC5jb20vc2NhLXNlcnZlcjEuY3JsMDUGA1UdEQQuMCyCEHdlYm1haWwubmFzZWMu ZGWCCG5hc2VjLmRlgg5zcnYwNS5uYXNlYy5kZTAjBgNVHRIEHDAahhhodHRwOi8v d3d3LnN0YXJ0c3NsLmNvbS8wUQYDVR0gBEowSDAIBgZngQwBAgEwPAYLKwYBBAGB tTcBAgUwLTArBggrBgEFBQcCARYfaHR0cHM6Ly93d3cuc3RhcnRzc2wuY29tL3Bv bGljeTATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzpC HdygBCRM0ikk/l3Xx2bq6SOSKGJmrxXZYIskzaBa+pjG94lC6xGZf6+Col+DQ4N2 /tw1HagyMfMJHBgbhfreZ1zrUOkGfJqkzBIIn160jOrX62+WTrYE3V5vfxZhK+CT u9EKyl7/ybVV81JyzkEM9EyzlMur8nm7A7dcITthRVWTzv7gDXBmtYWJL9teuGu9 DTG+0+2nbwBxkRoq/x/D1SonsDkDZn4CpvyS0rAgpSazV4XN+B2/zhwzR83yjcYN FgBDJt9M4ldAuAH3Aznai2FmLmENh9c4wf2n/blZFTA1CTPi9k5a/8u42xPs+xSh njItJzhih8vAVZkfzA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+VmeF8K/VZl3cwDjK7L4 bLAandmDS2Fds6y7/6LSGU4rrrMwabTyi3WafeBBMtIVP5e7np/cz/VQV9EgD4Q/ wclBJUjTP7izy9gabAsdJC1/btc2o0coYd8BGP/S3BBj8MJRR1eA+DSxv+q4yLWG 4JwA7xI3xjvJhHwAaB34NQcCZKiGWvY5/f6Zu8k5hEoln4kc1TNoxgrTNaE3yFsD Hzz0kNmSGziDuorRl7RYonMjcaRd/3qCyO/7sd2E7omq1L9/hWJi1S9nSVUZ8J81 IKv8PxpY44T2x/MFaXlN4wGGT68GmPg0ppN0vTVOgnr8TXPP6NlURdvREAez9xzf ywIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 87088076283731345129452057478726656188 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 DV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-22 08:43:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-22 08:43:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'webmail.nasec.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31477529997543851071334117309054934301593353209391202359114300768169760923631982000455917025050085909064755423287709390407850965841966300029013310846448377399651504049972205518987925555508833660336539105546636126541548290843461955264048922892473677214316449891118213826679816089193074266997811144957953099123705740587053220084995896412113139783905572326800961868298363949834018536888256552452564540900576250923668066976943517822041500151033113473809316891452138137139379923677412212981947594220023676422166427295502518777118501497715364578740102819501741434662959122269356085019169678568648984861913475716513942790091 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b17bffbc9c599905b3b2d6e39adbf61ef3e84ccd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d7914e01c4b0bff8c86793449ce733faad930caf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.nasec.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nasec.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'srv05.nasec.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.startssl.com/policy' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005b3a421ddca004244cd22924fe5dd7c766eae92392286266af15d9608b24cda05afa98c6f78942eb11997faf82a25f83438376fedc351da83231f3091c181b85fade675ceb50e9067c9aa4cc12089f5eb48cead7eb6f964eb604dd5e6f7f16612be093bbd10aca5effc9b555f35272ce410cf44cb394cbabf279bb03b75c213b61455593cefee00d7066b585892fdb5eb86bbd0d31bed3eda76f0071911a2aff1fc3d52a27b03903667e02a6fc92d2b020a526b35785cdf81dbfce1c3347cdf28dc60d16004326df4ce25740b801f70339da8b61662e610d87d738c1fda7fdb9591530350933e2f64e5affcbb8db13ecfb14a19e322d27386287cbc055991fcc