db.asse.com
Issued by StartCom Class 1 Primary Intermediate Server CA
About this certificate
This digital certificate with serial number 0f:33:cb was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [KeyAgreement DigitalSignature KeyEncipherment] (00010101) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=db.asse.com,C=US,1.2.840.113549.1.9.1=#0c127765626d617374657240617373652e636f6d,2.5.4.13=#131033773733364f37677a6d785333356136
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Organization unit: Secure Digital Certificate Signing
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 0f:33:cbSerial Number (int): 996299
Serial Number lenght: 20 bits, 3 octets
SubjectKeyId: 3a:bf:00:8f:8b:21:2a:bb:58:06:0d:c7:17:91:ca:9b:59:ba:fc:c7
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45
Fingerprint (sha1): 8d:9d:ba:80:a0:08:e6:9e:f1:4c:60:ab:06:a4:2e:43:44:19:bf:15
Fingerprint (sha256): bc:55:ce:cd:bf:9c:0f:29:b3:a6:5e:ae:5a:6d:2d:86:09:dc:c3:ac:98:77:b6:a4:62:91:09:ef:1f:d1:f2:03
Issuing Certificate URL: http://aia.startssl.com/certs/sub.class1.server.ca.crt
Revocation information
OCSP Server: http://ocsp.startssl.com/sub/class1/server/caCRL Distribution Point: http://crl.startssl.com/crt1-crl.crl
Check the revocation status for certificate db.asse.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for db.asse.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
db.asse.com
asse.com
asse.com
Other certificates including the domain name asse.com
(limited to 100 certificates)
dev-payment.asse.com
payment.asse.com
sentry-io.asse.com
asse.com
canada.asse.com
payment.asse.com
payment.asse.com
dev-payment.asse.com
sentry-io.asse.com
asse.com
aspireworldwide.com
sentry-io.asse.com
payment.asse.com
sentry-io.asse.com
dev-payment.asse.com
payment.asse.com
db-inbound.asse.com
mail.asse.com
dev-payment.asse.com
dev-payment.asse.com
canada.asse.com
dev-payment.asse.com
sentry-io.asse.com
payment.asse.com
db-outbound.asse.com
asse.com
asse.com
asse.com
asse.com
db.asse.com
payment.asse.com
aspireworldwide.com
asse.com
db-inbound.asse.com
canada-english.asse.com
asse.com
asse.com
new.aspireww.com
dev-payment.asse.com
db-inbound.asse.com
payment.asse.com
db-outbound.asse.com
asse.com
asse.com
payment.asse.com
db.asse.com
db-outbound.asse.com
canada.asse.com
asse.com
asse.com
sentry-io.asse.com
aspireworldwide.com
sentry-io.asse.com
canada.asse.com
aspireworldwide.com
db-outbound.asse.com
db-outbound.asse.com
aspireworldwide.com
asse.com
asse.com
db-inbound.asse.com
*.asse.com
asse.com
asse.com
db-inbound.asse.com
dev-payment.asse.com
canada-english.asse.com
db-outbound.asse.com
dev-payment.asse.com
dev-payment.asse.com
asse.com
db-outbound.asse.com
sentry-io.asse.com
asse.com
payment.asse.com
asse.com
dev-payment.asse.com
asse.com
db.asse.com
aspireworldwide.com
payment.asse.com
aspireworldwide.com
aspireworldwide.com
db-outbound.asse.com
asse.com
db.asse.com
db-outbound.asse.com
db.asse.com
aspireworldwide.com
canada-english.asse.com
canada-english.asse.com
canada.asse.com
canada.asse.com
dev-payment.asse.com
aspireworldwide.com
db-inbound.asse.com
dev-payment.asse.com
asse.com
aspireworldwide.com
asse.com
payment.asse.com
sentry-io.asse.com
asse.com
canada.asse.com
payment.asse.com
payment.asse.com
dev-payment.asse.com
sentry-io.asse.com
asse.com
aspireworldwide.com
sentry-io.asse.com
payment.asse.com
sentry-io.asse.com
dev-payment.asse.com
payment.asse.com
db-inbound.asse.com
mail.asse.com
dev-payment.asse.com
dev-payment.asse.com
canada.asse.com
dev-payment.asse.com
sentry-io.asse.com
payment.asse.com
db-outbound.asse.com
asse.com
asse.com
asse.com
asse.com
db.asse.com
payment.asse.com
aspireworldwide.com
asse.com
db-inbound.asse.com
canada-english.asse.com
asse.com
asse.com
new.aspireww.com
dev-payment.asse.com
db-inbound.asse.com
payment.asse.com
db-outbound.asse.com
asse.com
asse.com
payment.asse.com
db.asse.com
db-outbound.asse.com
canada.asse.com
asse.com
asse.com
sentry-io.asse.com
aspireworldwide.com
sentry-io.asse.com
canada.asse.com
aspireworldwide.com
db-outbound.asse.com
db-outbound.asse.com
aspireworldwide.com
asse.com
asse.com
db-inbound.asse.com
*.asse.com
asse.com
asse.com
db-inbound.asse.com
dev-payment.asse.com
canada-english.asse.com
db-outbound.asse.com
dev-payment.asse.com
dev-payment.asse.com
asse.com
db-outbound.asse.com
sentry-io.asse.com
asse.com
payment.asse.com
asse.com
dev-payment.asse.com
asse.com
db.asse.com
aspireworldwide.com
payment.asse.com
aspireworldwide.com
aspireworldwide.com
db-outbound.asse.com
asse.com
db.asse.com
db-outbound.asse.com
db.asse.com
aspireworldwide.com
canada-english.asse.com
canada-english.asse.com
canada.asse.com
canada.asse.com
dev-payment.asse.com
aspireworldwide.com
db-inbound.asse.com
dev-payment.asse.com
asse.com
aspireworldwide.com
asse.com
Certificate
The complete raw certificate details for db.asse.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRzCCBS+gAwIBAgIDDzPLMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwMzE3MDkxMDU1 WhcNMTUwMzE4MDc1MzM0WjBhMRkwFwYDVQQNExAzdzczNk83Z3pteFMzNWE2MQsw CQYDVQQGEwJVUzEUMBIGA1UEAxMLZGIuYXNzZS5jb20xITAfBgkqhkiG9w0BCQEW EndlYm1hc3RlckBhc3NlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwmIw2Utbo5dfvqEX7TyPqKiI6sjsjlj9Cv1ADOIiV6TdX3UpnE3JReyJ7N NtNoqvIJ5Ho+WQ6T1DVHojX1fTNjO56Tp97VsCiDvEzkd1Rdp6fdJU8w63pOzSfj kZ5oqEzMX2rGBUZd3516s6B0i9DhyscPJEod8o4SMyYXcLcd/T/Lazy6nYy3LSTO h8fFv/lnIkNcixozdW4+N+21/1E7URLHmaqsmmozJgakQPVRRFmJd6sTuUmFTk0f UKyVllirvzpqUrdLqTuuECAcqyLpME032V2bojIrmd+dq2rrda39sHXXeflHyHYH RPUbJZaC5DJTZEhCZbn4odXWwvECAwEAAaOCAtowggLWMAkGA1UdEwQCMAAwCwYD VR0PBAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBQ6vwCPiyEq u1gGDccXkcqbWbr8xzAfBgNVHSMEGDAWgBTrQjTQmLCrn/Qbawj3zGQu7w4sRTAg BgNVHREEGTAXggtkYi5hc3NlLmNvbYIIYXNzZS5jb20wggFWBgNVHSAEggFNMIIB STAIBgZngQwBAgEwggE7BgsrBgEEAYG1NwECAzCCASowLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwgfcGCCsGAQUFBwICMIHq MCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MAMCAQEagb5UaGlz IGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNjb3JkaW5nIHRvIHRoZSBDbGFzcyAx IFZhbGlkYXRpb24gcmVxdWlyZW1lbnRzIG9mIHRoZSBTdGFydENvbSBDQSBwb2xp Y3ksIHJlbGlhbmNlIG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3NlIGluIGNv bXBsaWFuY2Ugb2YgdGhlIHJlbHlpbmcgcGFydHkgb2JsaWdhdGlvbnMuMDUGA1Ud HwQuMCwwKqAooCaGJGh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydDEtY3JsLmNy bDCBjgYIKwYBBQUHAQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29jc3Auc3Rh cnRzc2wuY29tL3N1Yi9jbGFzczEvc2VydmVyL2NhMEIGCCsGAQUFBzAChjZodHRw Oi8vYWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9zdWIuY2xhc3MxLnNlcnZlci5jYS5j cnQwIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMA0GCSqGSIb3 DQEBBQUAA4IBAQBf5VzmAnIBQmJ17TxbTHyVBxGXjsjBcwFpkawEabPI53vES4JL TRQH8fn+TR31LFdVWyi3sdLq7oVFbjcD6jXDSpUQFb/Fplm4IvDQpF3QLp7cXuc1 qL0ScM+MYHmkUGpfGxeb4choLMZnFT72tvLdy8iHcpENUZZ5bthUBtWGRcP23s2p 0bwFR0n09T8+nEmk0B8WO0ZtxdEFKsPesrVJXww9quEwadjwlm0qvSdZX6hVRwGr G76MCL3hJUppTwhqnJ4fhW+wbU43B6B2Tg3euLlVXxvktIffjWLl4llreszwaOwe ZjocdzNFqDtALW1avGdFYQdRimlFU/Py5DGC -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCYjDZS1ujl1++oRftPI +oqIjqyOyOWP0K/UAM4iJXpN1fdSmcTclF7Ins0202iq8gnkej5ZDpPUNUeiNfV9 M2M7npOn3tWwKIO8TOR3VF2np90lTzDrek7NJ+ORnmioTMxfasYFRl3fnXqzoHSL 0OHKxw8kSh3yjhIzJhdwtx39P8trPLqdjLctJM6Hx8W/+WciQ1yLGjN1bj437bX/ UTtREseZqqyaajMmBqRA9VFEWYl3qxO5SYVOTR9QrJWWWKu/OmpSt0upO64QIByr IukwTTfZXZuiMiuZ352raut1rf2wddd5+UfIdgdE9RslloLkMlNkSEJlufih1dbC 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 996299 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-03-17 09:10:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-03-18 07:53:34 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.13 (description) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '3w736O7gzmxS35a6' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'db.asse.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25771420232185669714234194018695395158065070309450536055142832262849562917648611826069722771318900044658653175924467168082270193430717445615277275096607435048500154312450765764619265385415247921344892850877248021255526094014139419047338718955299712527921408521910440814932163782458509022515083504408750747442835552184227547365159308099300766024879842180207434730560546602192358706883272590625975496764650345733891250170091165661269378540991649954580071871643022524683697049879945178959075729618287207849130176457701858939378514983527338390164490379548090960991244506037868325648814868726816323110934400071703893295857 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3abf008f8b212abb58060dc71791ca9b59bafcc7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName eb4234d098b0ab9ff41b6b08f7cc642eef0e2c45 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'db.asse.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asse.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 49 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt1-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class1/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class1.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005fe55ce6027201426275ed3c5b4c7c950711978ec8c173016991ac0469b3c8e77bc44b824b4d1407f1f9fe4d1df52c57555b28b7b1d2eaee85456e3703ea35c34a951015bfc5a659b822f0d0a45dd02e9edc5ee735a8bd1270cf8c6079a4506a5f1b179be1c8682cc667153ef6b6f2ddcbc88772910d5196796ed85406d58645c3f6decda9d1bc054749f4f53f3e9c49a4d01f163b466dc5d1052ac3deb2b5495f0c3daae13069d8f0966d2abd27595fa8554701ab1bbe8c08bde1254a694f086a9c9e1f856fb06d4e3707a0764e0ddeb8b9555f1be4b487df8d62e5e2596b7accf068ec1e663a1c773345a83b402d6d5abc67456107518a694553f3f2e43182