www.oaa.on.ca

Issued by StartCom Extended Validation Server CA

About this certificate


This digital certificate with serial number 03:65 was issued on by StartCom Ltd. .

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])
  • ERROR: Certificate contains a key usage different from ClientAuth or EmailProtection
  • ERROR: Certificate has key usage [KeyAgreement] set

Ontario Association of Architects

Company registration number: 10779 6682 RC0001
Organization: Ontario Association of Architects
Address: 111 Moatfield Drive
Postal code: M3B3L6
State / Province: Ontario
Locality: Toronto
Country: CA

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: StartCom Certification Authority
Postal code: M3B3L6
State / Province: Ontario
Locality: Toronto
Country: CA

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:65
Serial Number (int): 869
Serial Number lenght: 10 bits, 2 octets

SubjectKeyId: 19:28:eb:89:1a:bb:ae:d2:29:05:d0:23:d0:ae:91:1d:ab:72:d6:26
AuthorityKeyId: a1:e1:9e:45:25:79:4d:06:d9:02:17:92:82:d5:30:89:72:25:14:a0

Fingerprint (sha1): a9:40:33:e9:c5:97:95:fb:ba:38:f3:aa:ab:19:c4:8f:72:d4:63:e8
Fingerprint (sha256): b2:84:8f:df:d7:45:c3:cb:5e:99:7c:09:a4:ac:d1:38:79:66:ca:51:85:14:f1:ae:2a:2f:9a:1c:0e:14:b3:2d

Issuing Certificate URL: http://aia.startssl.com/certs/sub.class4.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class4/server/ca
CRL Distribution Point: http://crl.startssl.com/crt4-crl.crl

Check the revocation status for the current certificate on www.oaa.on.ca
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.oaa.on.ca
oaa.on.ca
secure.oaa.on.ca
mail.oaa.on.ca

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIJETCCB/mgAwIBAgICA2UwDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAklM MRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSkwJwYDVQQLEyBTdGFydENvbSBDZXJ0 aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0GA1UEAxMmU3RhcnRDb20gRXh0ZW5kZWQg VmFsaWRhdGlvbiBTZXJ2ZXIgQ0EwHhcNMTEwNTExMDg1NzUzWhcNMTMwNTEyMDQ1 NzIyWjCCATwxIDAeBgNVBA0TFzQyNDA5NC01bThpU3ZrMnFtUWgzN0pkMQswCQYD VQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzEPMA0G A1UEERMGTTNCM0w2MRwwGgYDVQQJExMxMTEgTW9hdGZpZWxkIERyaXZlMSowKAYD VQQKEyFPbnRhcmlvIEFzc29jaWF0aW9uIG9mIEFyY2hpdGVjdHMxFjAUBgNVBAMT DXd3dy5vYWEub24uY2ExIzAhBgkqhkiG9w0BCQEWFGhvc3RtYXN0ZXJAb2FhLm9u LmNhMRowGAYDVQQFExExMDc3OSA2NjgyIFJDMDAwMTEeMBwGA1UEDxMVTm9uLUNv bW1lcmNpYWwgRW50aXR5MRMwEQYLKwYBBAGCNzwCAQMTAkNBMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEA1ckdoUIQRzYbthAQKhu1Shc79ZCWcKVACUFo E5s0uIRJDgqSHwCBjtX/Zoqt4+8lztNtJuTb1jeKbQZ+AhQlDQKc3GICysMVe/VM 8JdKBSHpTYGaoncON8xU0NlcOP/zG5ZFrIXlZ/l1AZrNlTXPQQuQx+PoOWxD6KTc j6VaUAxupfFgG285Y/sp6dC5uvNsfbVlDrDGy7hyccP8Vz9mj3nnGuiatRMN9pTB ySHqQnU18ntp1g6pAnegp7a2wpyfSw+3+G2K28pxvNaGbMnmcJPOlOzWxhmXb1YC I3rXqDk3iL91hortpLBSfwgB/gtsdpkVvmjTMnHYsb5oYJDuN1VvQv6qjEaonaf3 eVK4TauGV8gbc1i71/3hczik7/7D+RSmZv8rquQR2502s/5L3eQ/+ADAcz+vVEZn i9066D6/HMYdy3XhLWY3HltperOgL0UUav51rAugYklONF0x+pJ/Tz7UbcK2kMgd kmuCojLC3Ez3C8a18wGGvezqVYXo/jkHZchpMV0awwvn458/VtoTDKoxxnGVwQVZ FgTjYXiMZwKBsa0ls2k2a2gLKjwO56+saRzbLxqoxsJxes8xk0b4JY60GegaC64f idH40YZIcMQCrQaU6rzOF1q9biy+fHzoT47yYFSjv1ij4ilvjMGKRmQvK2YJoDDg 71gBrh0CAwEAAaOCA9MwggPPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1Ud JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAdBgNVHQ4EFgQUGSjriRq7rtIpBdAj 0K6RHaty1iYwHwYDVR0jBBgwFoAUoeGeRSV5TQbZAheSgtUwiXIlFKAwRQYDVR0R BD4wPIINd3d3Lm9hYS5vbi5jYYIJb2FhLm9uLmNhghBzZWN1cmUub2FhLm9uLmNh gg5tYWlsLm9hYS5vbi5jYTCCAiAGA1UdIASCAhcwggITMAsGCSsGAQQBgbU3AjAN BgsrBgEEAYG1NwEBATCCAfMGCysGAQQBgbU3AQICMIIB4jAuBggrBgEFBQcCARYi aHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjA0BggrBgEFBQcCARYo aHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50ZXJtZWRpYXRlLnBkZjAwBggrBgEF BQcCARYkaHR0cDovL3d3dy5zdGFydHNzbC5jb20vZXh0ZW5kZWQucGRmMIIBRgYI KwYBBQUHAgIwggE4MCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 MAMCAQEaggELVGhpcyBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29yZGluZyB0 byB0aGUgRXh0ZW5kZWQgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0 YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IHBvbGljeSBhbmQgbWF5IGJl IHJlbGllZCB1cG9uIG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGFuZCBp biBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLiBM aWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxpbWl0ZWQhMDUGA1UdHwQuMCww KqAooCaGJGh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydDQtY3JsLmNybDCBjgYI KwYBBQUHAQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29jc3Auc3RhcnRzc2wu Y29tL3N1Yi9jbGFzczQvc2VydmVyL2NhMEIGCCsGAQUFBzAChjZodHRwOi8vYWlh LnN0YXJ0c3NsLmNvbS9jZXJ0cy9zdWIuY2xhc3M0LnNlcnZlci5jYS5jcnQwIwYD VR0SBBwwGoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMA0GCSqGSIb3DQEBBQUA A4IBAQBHfOXY4higXSsPeeuenY8bpOACClbqE474eKcBPTwH4n3krt5KYFdFtp8p UwGzb1q4BQQo/osDAjgPVzWFPP3i6a2GCVDswUvnNnwBr/Yd1TYFDsPh+Rwo0UcU AdfrLFzK7kM7tyOG7+beUarKXkUgICVfvX+4TcdNO1/JfYVJCszs6exg1RDP+5nH SMiSG0Jq7FFH+QL/eLPxAZ2m1aNumSN6KvBbxn49+KVBoDaqganasNWRGDd9Pd3U rXoKKNM6w5V/TCPrG2G6f2adxCkzMRdR3o86n7uyxschVMgpzy1WJFqPkaziFz9A xQPMM0II48UjwRNFRwrWgc/l5kDU -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1ckdoUIQRzYbthAQKhu1 Shc79ZCWcKVACUFoE5s0uIRJDgqSHwCBjtX/Zoqt4+8lztNtJuTb1jeKbQZ+AhQl DQKc3GICysMVe/VM8JdKBSHpTYGaoncON8xU0NlcOP/zG5ZFrIXlZ/l1AZrNlTXP QQuQx+PoOWxD6KTcj6VaUAxupfFgG285Y/sp6dC5uvNsfbVlDrDGy7hyccP8Vz9m j3nnGuiatRMN9pTBySHqQnU18ntp1g6pAnegp7a2wpyfSw+3+G2K28pxvNaGbMnm cJPOlOzWxhmXb1YCI3rXqDk3iL91hortpLBSfwgB/gtsdpkVvmjTMnHYsb5oYJDu N1VvQv6qjEaonaf3eVK4TauGV8gbc1i71/3hczik7/7D+RSmZv8rquQR2502s/5L 3eQ/+ADAcz+vVEZni9066D6/HMYdy3XhLWY3HltperOgL0UUav51rAugYklONF0x +pJ/Tz7UbcK2kMgdkmuCojLC3Ez3C8a18wGGvezqVYXo/jkHZchpMV0awwvn458/ VtoTDKoxxnGVwQVZFgTjYXiMZwKBsa0ls2k2a2gLKjwO56+saRzbLxqoxsJxes8x k0b4JY60GegaC64fidH40YZIcMQCrQaU6rzOF1q9biy+fHzoT47yYFSjv1ij4ilv jMGKRmQvK2YJoDDg71gBrh0CAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 869 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-05-11 08:57:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-05-12 04:57:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '424094-5m8iSvk2qmQh37Jd' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Toronto' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'M3B3L6' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '111 Moatfield Drive' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario Association of Architects' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.oaa.on.ca' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10779 6682 RC0001' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Non-Commercial Entity' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 872169189000923688285384387593980306787590308548085575757249923609960706644218165764010586650603792030611048993392871697769958924463133121488656656597236036876338853483422972769270437707045485451615789859272006388065635207154975318957392420814839613762784687763106292702183393119589290066840198692864916466012261868227612400402432661023501885262223323015130991457830118541577290001781583074195334213638979527237482166922332546054462059699766968536069099221542313172018997478106974796256643904932808498108788738265306451256812507818947323867658884378023367072643259404539477371506101333343960154988487209676222990367938728090893820833620439929580764362938549658008074811549929224831371081022035769354713388874727240240029810414761968333387357671916575908541566452371844185529500269402822795474337625156978631843803352194342605006955642811379199229870307505242041819334798644432533303744809048184614406215877041953332474717060137422957188655726220054721156119734393785151716756866626734218263654483998957467285951143285154616911726865682852146603330279923501575408855378559536171305922430579417158727332752811582681438335115915760005383187645118008749660643184176188794437054853395835306687285784802122687330491331918674529568677801501 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1928eb891abbaed22905d023d0ae911dab72d626 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a1e19e4525794d06d902179282d53089722514a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oaa.on.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oaa.on.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.oaa.on.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.oaa.on.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (535 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.1.1 (StartCom EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/intermediate.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/extended.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 69 120 116 101 110 100 101 100 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 101 114 116 105 102 105 99 97 116 105 111 110 32 65 117 116 104 111 114 105 116 121 32 112 111 108 105 99 121 32 97 110 100 32 109 97 121 32 98 101 32 114 101 108 105 101 100 32 117 112 111 110 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 97 110 100 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46 32 76 105 97 98 105 108 105 116 121 32 97 110 100 32 119 97 114 114 97 110 116 105 101 115 32 97 114 101 32 108 105 109 105 116 101 100 33] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt4-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class4/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class4.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00477ce5d8e218a05d2b0f79eb9e9d8f1ba4e0020a56ea138ef878a7013d3c07e27de4aede4a605745b69f295301b36f5ab8050428fe8b0302380f5735853cfde2e9ad860950ecc14be7367c01aff61dd536050ec3e1f91c28d1471401d7eb2c5ccaee433bb72386efe6de51aaca5e452020255fbd7fb84dc74d3b5fc97d85490accece9ec60d510cffb99c748c8921b426aec5147f902ff78b3f1019da6d5a36e99237a2af05bc67e3df8a541a036aa81a9dab0d59118377d3dddd4ad7a0a28d33ac3957f4c23eb1b61ba7f669dc42933311751de8f3a9fbbb2c6c72154c829cf2d56245a8f91ace2173f40c503cc334208e3c523c11345470ad681cfe5e640d4