*.blek.ch
- Gregory Brusick -
Issued by StartCom Class 2 IV Server CA
About this certificate
This digital certificate with serial number 51:e7:ec:8e:1f:16:d3:10:13:30:f9:ef:34:ca:d4:d9 was issued on by StartCom Ltd..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Gregory Brusick
Organization:
Gregory Brusick
State / Province:
Geneva
Locality: Geneva
Country: CH
Locality: Geneva
Country: CH
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: StartCom Certification Authority
Organization unit: StartCom Certification Authority
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 51:e7:ec:8e:1f:16:d3:10:13:30:f9:ef:34:ca:d4:d9Serial Number (int): 108871686141586898095506795907487814873
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: a7:99:ff:54:b3:95:90:a7:1f:f4:67:e1:45:30:11:62:04:02:75:38
AuthorityKeyId: 94:de:85:41:2a:a5:d9:45:f6:60:2c:2e:4c:93:09:a6:2c:23:7e:3e
Fingerprint (sha1): 05:25:3d:e7:e6:d4:9c:df:08:7e:ea:80:9e:71:d0:ad:bd:72:e4:e4
Fingerprint (sha256): 85:29:a9:a7:93:ed:96:4d:ca:27:ea:40:bc:c0:93:f8:41:47:d7:49:46:66:a0:bd:31:0c:3c:9d:e2:25:dd:46
Issuing Certificate URL: http://aia.startssl.com/certs/sca.server2.crt
Revocation information
OCSP Server: http://ocsp.startssl.comCRL Distribution Point: http://crl.startssl.com/sca-server2.crl
Check the revocation status for certificate *.blek.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.blek.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.blek.ch
Other certificates including the domain name blek.ch
(limited to 100 certificates)
archives.blek.ch
benevoles.balelec.ch
webcams.blek.ch
*.blek.ch
*.blek.ch
intranet.blek.ch
mail.blek.ch
public.balelec.ch
stats.blek.ch
gallery.blek.ch
files.blek.ch
mail.blek.ch
mail.blek.ch
auth.blek.ch
webcams.blek.ch
gallery.blek.ch
public.balelec.ch
auth.blek.ch
mail.blek.ch
archives.blek.ch
public.balelec.ch
webcams.blek.ch
public.balelec.ch
webcams.blek.ch
public.balelec.ch
files.blek.ch
*.blek.ch
gallery.blek.ch
stats.blek.ch
gallery.blek.ch
auth.blek.ch
mail.blek.ch
files.blek.ch
auth.blek.ch
mail.blek.ch
gallery.blek.ch
public.balelec.ch
gallery.blek.ch
public.balelec.ch
*.srv.blek.ch
benevoles.balelec.ch
files.blek.ch
archives.blek.ch
auth.blek.ch
archives.blek.ch
stats.blek.ch
intranet.blek.ch
auth.blek.ch
files.blek.ch
files.blek.ch
auth.blek.ch
gallery.blek.ch
intranet.blek.ch
mail.blek.ch
cdn.blek.ch
auth.blek.ch
webcams.blek.ch
archives.blek.ch
intranet.blek.ch
public.balelec.ch
gallery.blek.ch
auth.blek.ch
files.blek.ch
webcams.blek.ch
mail.blek.ch
benevoles.balelec.ch
mail.blek.ch
*.srv.blek.ch
webcams.blek.ch
webcams.blek.ch
intranet.blek.ch
stats.blek.ch
intranet.blek.ch
auth.blek.ch
auth.blek.ch
public.balelec.ch
archives.blek.ch
archives.blek.ch
webcams.blek.ch
files.blek.ch
public.balelec.ch
mail.blek.ch
gallery.blek.ch
gallery.blek.ch
gallery.blek.ch
archives.blek.ch
public.balelec.ch
webcams.blek.ch
webcams.blek.ch
intranet.blek.ch
mail.blek.ch
public.balelec.ch
public.balelec.ch
public.balelec.ch
auth.balelec.ch
archives.blek.ch
*.blek.ch
public.balelec.ch
auth.blek.ch
archives.blek.ch
benevoles.balelec.ch
webcams.blek.ch
*.blek.ch
*.blek.ch
intranet.blek.ch
mail.blek.ch
public.balelec.ch
stats.blek.ch
gallery.blek.ch
files.blek.ch
mail.blek.ch
mail.blek.ch
auth.blek.ch
webcams.blek.ch
gallery.blek.ch
public.balelec.ch
auth.blek.ch
mail.blek.ch
archives.blek.ch
public.balelec.ch
webcams.blek.ch
public.balelec.ch
webcams.blek.ch
public.balelec.ch
files.blek.ch
*.blek.ch
gallery.blek.ch
stats.blek.ch
gallery.blek.ch
auth.blek.ch
mail.blek.ch
files.blek.ch
auth.blek.ch
mail.blek.ch
gallery.blek.ch
public.balelec.ch
gallery.blek.ch
public.balelec.ch
*.srv.blek.ch
benevoles.balelec.ch
files.blek.ch
archives.blek.ch
auth.blek.ch
archives.blek.ch
stats.blek.ch
intranet.blek.ch
auth.blek.ch
files.blek.ch
files.blek.ch
auth.blek.ch
gallery.blek.ch
intranet.blek.ch
mail.blek.ch
cdn.blek.ch
auth.blek.ch
webcams.blek.ch
archives.blek.ch
intranet.blek.ch
public.balelec.ch
gallery.blek.ch
auth.blek.ch
files.blek.ch
webcams.blek.ch
mail.blek.ch
benevoles.balelec.ch
mail.blek.ch
*.srv.blek.ch
webcams.blek.ch
webcams.blek.ch
intranet.blek.ch
stats.blek.ch
intranet.blek.ch
auth.blek.ch
auth.blek.ch
public.balelec.ch
archives.blek.ch
archives.blek.ch
webcams.blek.ch
files.blek.ch
public.balelec.ch
mail.blek.ch
gallery.blek.ch
gallery.blek.ch
gallery.blek.ch
archives.blek.ch
public.balelec.ch
webcams.blek.ch
webcams.blek.ch
intranet.blek.ch
mail.blek.ch
public.balelec.ch
public.balelec.ch
public.balelec.ch
auth.balelec.ch
archives.blek.ch
*.blek.ch
public.balelec.ch
auth.blek.ch
archives.blek.ch
Certificate
The complete raw certificate details for *.blek.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIQUefsjh8W0xATMPnvNMrU2TANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDIgSVYgU2VydmVyIENBMB4XDTE2MDQyODE2NTkyNFoXDTE4MDQy ODE2NTkyNFowXTELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkdlbmV2YTEPMA0GA1UE BwwGR2VuZXZhMRgwFgYDVQQKDA9HcmVnb3J5IEJydXNpY2sxEjAQBgNVBAMMCSou Ymxlay5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALb99mHQE80v O/GRZfg+0qgnZ7trID4+C249l6VYvSJdDRSkY6cnZActHhHAvexGJA+bXXU08bDX VejXYSVv0NasX8NxQX/wAeDIz+PHPG7goqvZ9bvtnYPqOFUokQmMKaD8BtNmUVvp qmgt+KfF7GpQHRKWA3+c4MJHNaSptknZXmnTQuvMPyBPt7g5xQ5YLOKd0d9IZ3Na YrNhz1wUarCAIuqn2Hkhfi+7tCIZmZ9B78Ehbw0TGTVi93ugM9X2MjZudZuGGYoY M27F9WL4z8Oky30DW5ZpJDowr7cwJUf+RpRHOpo4ML8LCEKqCvbSPfiiztLE5EmG 6W+AxdKopskCAwEAAaOCAcswggHHMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAgYIKwYBBQUHAwEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUp5n/VLOV kKcf9GfhRTARYgQCdTgwHwYDVR0jBBgwFoAUlN6FQSql2UX2YCwuTJMJpiwjfj4w bwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5zdGFydHNz bC5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRz L3NjYS5zZXJ2ZXIyLmNydDA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLnN0 YXJ0c3NsLmNvbS9zY2Etc2VydmVyMi5jcmwwFAYDVR0RBA0wC4IJKi5ibGVrLmNo MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzBQBgNVHSAESTBH MAgGBmeBDAECAzA7BgsrBgEEAYG1NwECBTAsMCoGCCsGAQUFBwIBFh5odHRwOi8v d3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJ KoZIhvcNAQELBQADggEBAARQMX9DD4W7RK/4hexiohbxuiVLFc3UPqGv+hFtdJE+ YyAlKvsbqSl7TGiglhRwjLoBbq3FqbGsisI3IDoEdBnNs1vMouzlHJ0Z4NBBDQDv jWabb+j1Us+i+On+UQDnAdZr3N6aYqSKvxrSvALRxYrPBx2IWklNZZz209DyWnXC KIsyn/ijjUWvK/GvTmR2Khl2khB5dd0+FduYNoGRqFtTdwOF2dmoA78DacaMMcUW 4KvmNv0/3wx4TBbD5CscKObr0t4qNGnHjRShgyqahckb/XvNGh8u+tsBj3wmyTeT 6mnzXvTWKkQFq+qUHzkMk8r7XgOArstlbnbkzNRgCBQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv32YdATzS878ZFl+D7S qCdnu2sgPj4Lbj2XpVi9Il0NFKRjpydkBy0eEcC97EYkD5tddTTxsNdV6NdhJW/Q 1qxfw3FBf/AB4MjP48c8buCiq9n1u+2dg+o4VSiRCYwpoPwG02ZRW+mqaC34p8Xs alAdEpYDf5zgwkc1pKm2SdleadNC68w/IE+3uDnFDlgs4p3R30hnc1pis2HPXBRq sIAi6qfYeSF+L7u0IhmZn0HvwSFvDRMZNWL3e6Az1fYyNm51m4YZihgzbsX1YvjP w6TLfQNblmkkOjCvtzAlR/5GlEc6mjgwvwsIQqoK9tI9+KLO0sTkSYbpb4DF0qim yQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 108871686141586898095506795907487814873 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 IV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-28 16:59:24 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-28 16:59:24 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Geneva' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Geneva' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gregory Brusick' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.blek.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23100605045576113974494534808391479193458037975040717234485261885130417471157478373133681531084929980220066808652356780600863212583097939206056335710300371322559567752497947219720995985275777944644829435323548164949393958368509127913332020118237745208029269827236104965455973997710008378499912826426155513871999283241947819866229040930523130035192243157571343344138831948567310913247876420124402448725989821333494775109097855644908686244552332528809029986048771922220129341754303061616716141984946684673646327967044711416145575611939608984061200094448452717004498446629295600533543916575033557038524133973761798481609 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a799ff54b39590a71ff467e14530116204027538 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 94de85412aa5d945f6602c2e4c9309a62c237e3e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.blek.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000450317f430f85bb44aff885ec62a216f1ba254b15cdd43ea1affa116d74913e6320252afb1ba9297b4c68a09614708cba016eadc5a9b1ac8ac237203a047419cdb35bcca2ece51c9d19e0d0410d00ef8d669b6fe8f552cfa2f8e9fe5100e701d66bdcde9a62a48abf1ad2bc02d1c58acf071d885a494d659cf6d3d0f25a75c2288b329ff8a38d45af2bf1af4e64762a197692107975dd3e15db98368191a85b53770385d9d9a803bf0369c68c31c516e0abe636fd3fdf0c784c16c3e42b1c28e6ebd2de2a3469c78d14a1832a9a85c91bfd7bcd1a1f2efadb018f7c26c93793ea69f35ef4d62a4405abea941f390c93cafb5e0380aecb656e76e4ccd4600814