*.prime-gr.ru
- Sergey Oskorbin -
Issued by StartCom Class 2 Primary Intermediate Server CA
About this certificate
This digital certificate with serial number 06:c0:f9:1d:e0:54:6e was issued on by StartCom Ltd..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates SHOULD NOT use the noticeRef option (RFC 5280: 4.2.1.4)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Sergey Oskorbin
Organization:
Sergey Oskorbin
State / Province:
Irkutsk Oblast
Locality: Irkutsk
Country: RU
Locality: Irkutsk
Country: RU
StartCom Ltd.
Organization:
StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Organization unit: Secure Digital Certificate Signing
Country:
IL
This certificate has expire since
Certificate Details
Serial Number (hex): 06:c0:f9:1d:e0:54:6eSerial Number (int): 1901026040894574
Serial Number lenght: 51 bits, 7 octets
SubjectKeyId: bf:2d:69:d8:cc:64:4c:d8:c6:07:f1:e1:3e:1a:9c:b2:e0:4a:ea:69
AuthorityKeyId: 11:db:23:45:fd:54:cc:6a:71:6f:84:8a:03:d7:be:f7:01:2f:26:86
Fingerprint (sha1): 8c:51:55:9c:e1:f4:4c:48:86:8b:b1:60:31:46:4f:ea:be:02:0e:4f
Fingerprint (sha256): c0:30:eb:ee:18:e6:2d:48:3f:86:b3:41:b2:72:e6:9e:ee:0b:0d:4a:01:48:71:af:1c:f1:e3:f5:38:33:c9:bc
Issuing Certificate URL: http://aia.startssl.com/certs/sub.class2.server.ca.crt
Revocation information
OCSP Server: http://ocsp.startssl.com/sub/class2/server/caCRL Distribution Point: http://crl.startssl.com/crt2-crl.crl
Check the revocation status for certificate *.prime-gr.ru
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.prime-gr.ru
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
Other certificates including the domain name prime-gr.ru
(limited to 100 certificates)
serv002.prime-gr.ru
serv001.prime-gr.ru
git.prime-gr.ru
serv001.prime-gr.ru
prime-gr.ru
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
prime-gr.ru
prime-gr.ru
prime-gr.ru
git.prime-gr.ru
prime-gr.ru
prime-gr.ru
git.prime-gr.ru
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
git.prime-gr.ru
prime-gr.ru
git.prime-gr.ru
serv001.prime-gr.ru
*.prime-gr.ru
prime-gr.ru
serv001.prime-gr.ru
git.prime-gr.ru
prime-gr.ru
prime-gr.ru
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
finbook-git.prime-gr.ru
prime-gr.ru
serv001.prime-gr.ru
git.prime-gr.ru
serv001.prime-gr.ru
prime-gr.ru
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
prime-gr.ru
prime-gr.ru
prime-gr.ru
git.prime-gr.ru
prime-gr.ru
prime-gr.ru
git.prime-gr.ru
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
git.prime-gr.ru
prime-gr.ru
git.prime-gr.ru
serv001.prime-gr.ru
*.prime-gr.ru
prime-gr.ru
serv001.prime-gr.ru
git.prime-gr.ru
prime-gr.ru
prime-gr.ru
*.prime-gr.ru
prime-gr.ru
prime-gr.ru
finbook-git.prime-gr.ru
prime-gr.ru
Certificate
The complete raw certificate details for *.prime-gr.ru in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHijCCBnKgAwIBAgIHBsD5HeBUbjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UE BhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBE aWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENs YXNzIDIgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMB4XDTE1MDIxOTA5 MDUxOFoXDTE3MDIxOTE1MzEzMFowgZAxCzAJBgNVBAYTAlJVMRcwFQYDVQQIEw5J cmt1dHNrIE9ibGFzdDEQMA4GA1UEBxMHSXJrdXRzazEYMBYGA1UEChMPU2VyZ2V5 IE9za29yYmluMRYwFAYDVQQDFA0qLnByaW1lLWdyLnJ1MSQwIgYJKoZIhvcNAQkB FhV3ZWJtYXN0ZXJAcHJpbWUtZ3IucnUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw ggIKAoICAQDboSgyKALC7RKntpM+TjCtgH/3xeTLw0TYOy3SeJg2QugmLpbhmclt v2wvPGmGkPkQGJvhJFVTlyx2ae8VvVkLBO0uyKQquHhDojVwOU9Vs34XuLH+DvQq HfTTgwx6hAfccRQXPT3uwy23HzAY0JcdVE0ETf4z8hinybjzc2ATpQSkuCeiLSsb cCpsovmPBhPjLpNoloM0PpvYwddPVhXk1FaKABCB+PaAx4uFzWrBsF/gI2JPArFS Dn3aUjh71ygzA4HcGQ3w7h2fRleTjgdKtbnHD3xRrsywPTu7Pnl9iMoQQEIgraMI HhdLuSmmHv/BWDCz4qbKx0/pNGKs6w4ZeuM1d2L/urz6hxmDUrPTym+wo0IdnnpI /lQmo6tDM3EZMEyr14+5tkCDoGkOZBZmaSa56Y0EN7aQuoI84P8MqT/cspI/pj7Q aEbgxDgu3j6wJp+FMEbyDd7aY6kc76/KPzIs56j4BatZ5G0GHiiKMogbkkgQOkKU 4sCnlYArU13OtZPuQtZOKKHrQoCkgVvS2rTFeZnzycrAvyu7ZJ/eMdPanh5CXDTD GxYM5hSW67bPg2JCrBb2L8OdMuSRMzOFHKdk1uJrgGKvMuNMYf9CeucYinnGyEDj YYbu1n6mbqI6OdsfjqfHV5zK95SUwIuCl69NhtLh4wMcwvP3IDa7VwIDAQABo4IC 6TCCAuUwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0lBBYwFAYIKwYBBQUH AwIGCCsGAQUFBwMBMB0GA1UdDgQWBBS/LWnYzGRM2MYH8eE+Gpyy4ErqaTAfBgNV HSMEGDAWgBQR2yNF/VTManFvhIoD1773AS8mhjAlBgNVHREEHjAcgg0qLnByaW1l LWdyLnJ1ggtwcmltZS1nci5ydTCCAVYGA1UdIASCAU0wggFJMAgGBmeBDAECAjCC ATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFy dHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeowJxYgU3RhcnRDb20g Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMgY2VydGlmaWNhdGUg d2FzIGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDIgVmFsaWRhdGlvbiBy ZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeSwgcmVsaWFuY2Ug b25seSBmb3IgdGhlIGludGVuZGVkIHB1cnBvc2UgaW4gY29tcGxpYW5jZSBvZiB0 aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0fBC4wLDAqoCigJoYk aHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0Mi1jcmwuY3JsMIGOBggrBgEFBQcB AQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFydHNzbC5jb20vc3Vi L2NsYXNzMi9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly9haWEuc3RhcnRz c2wuY29tL2NlcnRzL3N1Yi5jbGFzczIuc2VydmVyLmNhLmNydDAjBgNVHRIEHDAa hhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQELBQADggEBALOF AHIfUTBIPUFcihU4NpWdtWCdD0wDWHi4Cz2G7ctFupuaF1D4e4zso4IMt2XZ8+mG Cbkisiyznp9W8CaH+paZiMrWKWMJCK4SeD0KhPUsGF2PjANGZqJc+ooM4wWtZ9ec B2XIdQvK/YdGQroofiySUMe+J8z4w2Jln8FXgciMuGl72iup2+9wXlzHgIKFLYhk 7Xs4iGqVQWKdikV5tb5Oh6d7Uv0F0uieOQF5kTRg2bOSW73Srcb66bf2AtrMy0oJ MJ3pyzaHpBgSh0xAxpsQkdhgHOmKXQvDiQHm3nELzlLFGhkaDCuXFEjfwzISIlC8 VlLTZmvx5pJmYUZls+w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA26EoMigCwu0Sp7aTPk4w rYB/98Xky8NE2Dst0niYNkLoJi6W4ZnJbb9sLzxphpD5EBib4SRVU5csdmnvFb1Z CwTtLsikKrh4Q6I1cDlPVbN+F7ix/g70Kh3004MMeoQH3HEUFz097sMttx8wGNCX HVRNBE3+M/IYp8m483NgE6UEpLgnoi0rG3AqbKL5jwYT4y6TaJaDND6b2MHXT1YV 5NRWigAQgfj2gMeLhc1qwbBf4CNiTwKxUg592lI4e9coMwOB3BkN8O4dn0ZXk44H SrW5xw98Ua7MsD07uz55fYjKEEBCIK2jCB4XS7kpph7/wVgws+KmysdP6TRirOsO GXrjNXdi/7q8+ocZg1Kz08pvsKNCHZ56SP5UJqOrQzNxGTBMq9ePubZAg6BpDmQW ZmkmuemNBDe2kLqCPOD/DKk/3LKSP6Y+0GhG4MQ4Lt4+sCafhTBG8g3e2mOpHO+v yj8yLOeo+AWrWeRtBh4oijKIG5JIEDpClOLAp5WAK1NdzrWT7kLWTiih60KApIFb 0tq0xXmZ88nKwL8ru2Sf3jHT2p4eQlw0wxsWDOYUluu2z4NiQqwW9i/DnTLkkTMz hRynZNbia4BirzLjTGH/QnrnGIp5xshA42GG7tZ+pm6iOjnbH46nx1ecyveUlMCL gpevTYbS4eMDHMLz9yA2u1cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1901026040894574 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-02-19 09:05:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-19 15:31:30 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RU' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Irkutsk Oblast' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Irkutsk' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sergey Oskorbin' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.prime-gr.ru' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 896010266761984117820854310746177202368807751814431204828980920572162236113279544424653005721004383703328409459934474828422878900044403361985103386598264937817884179139096024097426720253145585199239947071200298081521854382974430854329936088559125382076959092484708597141300369255433087554735745375517990586739909212501763323276826971395964271208688008805190446241853690948320151804494891986360996752074119117376050618744445637445330736181664329285697028516515705773959174422615285329125621794887543498178395599293566955274396422317939850541975038325441861054457473093682178389225351479094746298637901394558620789823665398165774018865006623801375167167375725713403549365335111001892633297933414775669866013176891945000718945222755714654904784023457512669088725886295722281389882424236865833517876067669257384651175926059221326641420494225948393448114300176864879943411312508716170974538447628091557383130867587199893844342577262772263626367456150020449199728245757290923041107283784746988161228611826259627393576785486426458832437024872835059246936322495025953792470181699843862959027499744289354297105103205098836811921755871672020620651114228392102504390546815416868235215378742543621061250000817893022973765773830548220181816458071 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bf2d69d8cc644cd8c607f1e13e1a9cb2e04aea69 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 11db2345fd54cc6a716f848a03d7bef7012f2686 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prime-gr.ru' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prime-gr.ru' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 50 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt2-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class2/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class2.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b38500721f5130483d415c8a153836959db5609d0f4c035878b80b3d86edcb45ba9b9a1750f87b8ceca3820cb765d9f3e98609b922b22cb39e9f56f02687fa969988cad629630908ae12783d0a84f52c185d8f8c034666a25cfa8a0ce305ad67d79c0765c8750bcafd874642ba287e2c9250c7be27ccf8c362659fc15781c88cb8697bda2ba9dbef705e5cc78082852d8864ed7b38886a9541629d8a4579b5be4e87a77b52fd05d2e89e390179913460d9b3925bbdd2adc6fae9b7f602dacccb4a09309de9cb3687a41812874c40c69b1091d8601ce98a5d0bc38901e6de710bce52c51a191a0c2b971448dfc332122250bc5652d3666bf1e69266614665b3ec