www.iainnicol.com

Issued by StartCom Class 1 Primary Intermediate Server CA

About this certificate


This digital certificate with serial number 05:fe:53:59:b6:90:25 was issued on by StartCom Ltd. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])
  • ERROR: Certificate has key usage [KeyAgreement] set

www.iainnicol.com

Country: GB

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Country: GB

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 05:fe:53:59:b6:90:25
Serial Number (int): 1687008824430629
Serial Number lenght: 51 bits, 7 octets

SubjectKeyId: c2:d6:a3:e7:e8:58:85:26:8c:7c:b8:29:f8:f2:3c:d2:ff:c9:96:e7
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45

Fingerprint (sha1): a0:10:3f:b7:b6:f7:e5:12:92:3d:88:b8:2f:67:ab:a9:58:a5:b8:96
Fingerprint (sha256): 35:54:9d:55:8e:d3:1a:e2:ca:7f:fe:c4:6f:7c:bd:e6:1f:b6:27:b8:59:4b:e0:c6:32:82:0d:5e:c9:ad:58:68

Issuing Certificate URL: http://aia.startssl.com/certs/sub.class1.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class1/server/ca
CRL Distribution Point: http://crl.startssl.com/crt1-crl.crl

Check the revocation status for the current certificate on www.iainnicol.com
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.iainnicol.com
iainnicol.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIHZjCCBk6gAwIBAgIHBf5TWbaQJTANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UE BhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBE aWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENs YXNzIDEgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMB4XDTE1MDcxNTIx NTAzNloXDTE2MDcxNjExMzMwMVowcTELMAkGA1UEBhMCR0IxGjAYBgNVBAMTEXd3 dy5pYWlubmljb2wuY29tMUYwRAYJKoZIhvcNAQkBFjc2ODc0YzQzNGZjN2Q0NjM4 YWM1MzY3MTA4ZWViY2ZlNi5wcm90ZWN0QHdob2lzZ3VhcmQuY29tMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArgbOq9x/NTpx2hbDkxs0bjs8YuH6I+3K xFFixB2H56NXRpmtS8oLDbXOijD0WFz+rxwJaXok38nJFc0eRHrmdXYQ/VwQlpDC UJORpgfqYzZR0ewWL8syBYi3be838A/ySARDe4n0I86jFuJ2m8eUQPxlznMZLQjn RWd/2pQrjfk3/Tl1TnFVzUNE2LHVSxuWqtH6fB2ZkzNO7j5DuO0BpY+L6WfE4hTN qebpRXRUvGuOTxA10xoFSyyWO25ffJKkk6XOrOpcruOG5hhoTNVazgZ+x84Hs/UO JRbp/8zis4iVSkcLySjr0u4JhjS4UsSj1ok3lzNCJ9vCSNjxIVushAZq+3qd83y7 2/ZUxiQJJqV1o0ME1oEfzBw1YXytJRXWtJ0cHAKMJ/8Cg/8DAKyI7V3l4fGExqTl cTZ1yaPOjWZ+GDIVwrQApz+3nEFzfXpeLVs5ReNs6ioD0Q9TgNK+RzaSDLUtcOTO c4XOHFkzpu0SO8t+O8LHjHqnDD9yV6HB5LplckJOJ0vrIBQ9qubonoC0XaX+VOXd ONW7zQMzTHfVkPywDLGsYfpUtjFpINzlbQD+4lY7hi3zk0RxRiLBHmfepdULOu2r BveoYQvCerSg0dknu9WQ80qgTjpeIqVd7Nm/zujJMrvR16LprfwTp966IrJoKNTM J3BeUUBEp2kCAwEAAaOCAuUwggLhMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMBMG A1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBTC1qPn6FiFJox8uCn48jzS/8mW 5zAfBgNVHSMEGDAWgBTrQjTQmLCrn/Qbawj3zGQu7w4sRTArBgNVHREEJDAighF3 d3cuaWFpbm5pY29sLmNvbYINaWFpbm5pY29sLmNvbTCCAVYGA1UdIASCAU0wggFJ MAgGBmeBDAECATCCATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCARYiaHR0 cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeow JxYgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMg Y2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDEg VmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGlj eSwgcmVsaWFuY2Ugb25seSBmb3IgdGhlIGludGVuZGVkIHB1cnBvc2UgaW4gY29t cGxpYW5jZSBvZiB0aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0f BC4wLDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0MS1jcmwuY3Js MIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFy dHNzbC5jb20vc3ViL2NsYXNzMS9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6 Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczEuc2VydmVyLmNhLmNy dDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcN AQELBQADggEBAFROrBoldpSxyvBGsq429++rGRSUUSClijIn8lxf63Rztb/60eOi oa8CmUFblMMjQPEJzWEfkSf6Hdrsf9w0m09QIUGX8WZYHBH1sXW08VwsIfIs8nW8 t/izUFWlcCBsFCn0XwYKq3ab5OLXG8GhLQjdqbk7vI/P1WSOTrXhKOJuCgTXnHAO 0LuLYRydoj66PI1bcrRA/x/2+uph+rYpTtGunWeMvSUL1NklcwbCJZRvezH8qFfB peqnxn5tyY+ujYEghzMsabrCoTyYg00YdQBLIvAziMip2+q7vaeinrpuVzSDIIJB pcQwgJFiyYerps+KzetaqP8NLrB3F8eo8Z0= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArgbOq9x/NTpx2hbDkxs0 bjs8YuH6I+3KxFFixB2H56NXRpmtS8oLDbXOijD0WFz+rxwJaXok38nJFc0eRHrm dXYQ/VwQlpDCUJORpgfqYzZR0ewWL8syBYi3be838A/ySARDe4n0I86jFuJ2m8eU QPxlznMZLQjnRWd/2pQrjfk3/Tl1TnFVzUNE2LHVSxuWqtH6fB2ZkzNO7j5DuO0B pY+L6WfE4hTNqebpRXRUvGuOTxA10xoFSyyWO25ffJKkk6XOrOpcruOG5hhoTNVa zgZ+x84Hs/UOJRbp/8zis4iVSkcLySjr0u4JhjS4UsSj1ok3lzNCJ9vCSNjxIVus hAZq+3qd83y72/ZUxiQJJqV1o0ME1oEfzBw1YXytJRXWtJ0cHAKMJ/8Cg/8DAKyI 7V3l4fGExqTlcTZ1yaPOjWZ+GDIVwrQApz+3nEFzfXpeLVs5ReNs6ioD0Q9TgNK+ RzaSDLUtcOTOc4XOHFkzpu0SO8t+O8LHjHqnDD9yV6HB5LplckJOJ0vrIBQ9qubo noC0XaX+VOXdONW7zQMzTHfVkPywDLGsYfpUtjFpINzlbQD+4lY7hi3zk0RxRiLB HmfepdULOu2rBveoYQvCerSg0dknu9WQ80qgTjpeIqVd7Nm/zujJMrvR16LprfwT p966IrJoKNTMJ3BeUUBEp2kCAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1687008824430629 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure Digital Certificate Signing' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 1 Primary Intermediate Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-07-15 21:50:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-07-16 11:33:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.iainnicol.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 709966549872356135715348310379986784126400179819036009409966159784015913429022124637493548014247017662966712513883516718376027874010009729614191187454350586586958997713284294705984571546311573676588103108564107100720524271137325506998305758922381198138794324371378904358576254893619933543393504248186159089938864005570115326631225942451655083223784109831713926996773024053441309682922897953906893649387313841984857646757264896073130950908820221107627250998600196719036000097823145499838261491164458875998505959739861310510795436767594145987796007385609098014232762371103121244909515476424054875308388021269820727721357063041368338741686743062081389873896216903789989701141299937971680211439024242432807525497881013679185864218429549742165575220867460468561036891785854611493993869254984378720487636732294302799145826819739010393643394000999728207629739886102706721942232008368004691839397026327962102277388745109267981807894389104099624478657704455115565184826459518909832921598604129169185041819990264954750734654143101001817395883477185283931012392665906448405745915065492952757787384902882747611599225270790957957582904161814230187344225666846214176272927773310819457318383550499766263256859537908523051532881607377595754933954409 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c2d6a3e7e85885268c7cb829f8f23cd2ffc996e7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName eb4234d098b0ab9ff41b6b08f7cc642eef0e2c45 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iainnicol.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iainnicol.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (333 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'StartCom Certification Authority' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [84 104 105 115 32 99 101 114 116 105 102 105 99 97 116 101 32 119 97 115 32 105 115 115 117 101 100 32 97 99 99 111 114 100 105 110 103 32 116 111 32 116 104 101 32 67 108 97 115 115 32 49 32 86 97 108 105 100 97 116 105 111 110 32 114 101 113 117 105 114 101 109 101 110 116 115 32 111 102 32 116 104 101 32 83 116 97 114 116 67 111 109 32 67 65 32 112 111 108 105 99 121 44 32 114 101 108 105 97 110 99 101 32 111 110 108 121 32 102 111 114 32 116 104 101 32 105 110 116 101 110 100 101 100 32 112 117 114 112 111 115 101 32 105 110 32 99 111 109 112 108 105 97 110 99 101 32 111 102 32 116 104 101 32 114 101 108 121 105 110 103 32 112 97 114 116 121 32 111 98 108 105 103 97 116 105 111 110 115 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/crt1-crl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (129 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com/sub/class1/server/ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sub.class1.server.ca.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00544eac1a257694b1caf046b2ae36f7efab1914945120a58a3227f25c5feb7473b5bffad1e3a2a1af0299415b94c32340f109cd611f9127fa1ddaec7fdc349b4f50214197f166581c11f5b175b4f15c2c21f22cf275bcb7f8b35055a570206c1429f45f060aab769be4e2d71bc1a12d08dda9b93bbc8fcfd5648e4eb5e128e26e0a04d79c700ed0bb8b611c9da23eba3c8d5b72b440ff1ff6faea61fab6294ed1ae9d678cbd250bd4d9257306c225946f7b31fca857c1a5eaa7c67e6dc98fae8d812087332c69bac2a13c98834d1875004b22f03388c8a9dbeabbbda7a29eba6e573483208241a5c430809162c987aba6cf8acdeb5aa8ff0d2eb07717c7a8f19d