1This certificate comes from the CT database. The encoding of validity fails to be parsed using the strict rules. 2 3 4$ openssl asn1parse -i < [TBS CERTIFICATE] 5 0:d=0 hl=4 l=1276 cons: SEQUENCE 6 4:d=1 hl=2 l= 3 cons: cont [ 0 ] 7 6:d=2 hl=2 l= 1 prim: INTEGER :02 8 9:d=1 hl=2 l= 3 prim: INTEGER :2821D5 9 14:d=1 hl=2 l= 13 cons: SEQUENCE 10 16:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 11 27:d=2 hl=2 l= 0 prim: NULL 12 29:d=1 hl=3 l= 220 cons: SEQUENCE 13 32:d=2 hl=2 l= 11 cons: SET 14 34:d=3 hl=2 l= 9 cons: SEQUENCE 15 36:d=4 hl=2 l= 3 prim: OBJECT :countryName 16 41:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US 17 45:d=2 hl=2 l= 16 cons: SET 18 47:d=3 hl=2 l= 14 cons: SEQUENCE 19 49:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName 20 54:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona 21 63:d=2 hl=2 l= 19 cons: SET 22 65:d=3 hl=2 l= 17 cons: SEQUENCE 23 67:d=4 hl=2 l= 3 prim: OBJECT :localityName 24 72:d=4 hl=2 l= 10 prim: PRINTABLESTRING :Scottsdale 25 84:d=2 hl=2 l= 37 cons: SET 26 86:d=3 hl=2 l= 35 cons: SEQUENCE 27 88:d=4 hl=2 l= 3 prim: OBJECT :organizationName 28 93:d=4 hl=2 l= 28 prim: PRINTABLESTRING :Starfield Technologies, Inc. 29 123:d=2 hl=2 l= 57 cons: SET 30 125:d=3 hl=2 l= 55 cons: SEQUENCE 31 127:d=4 hl=2 l= 3 prim: OBJECT :organizationalUnitName 32 132:d=4 hl=2 l= 48 prim: PRINTABLESTRING :http://certificates.starfieldtech.com/repository 33 182:d=2 hl=2 l= 49 cons: SET 34 184:d=3 hl=2 l= 47 cons: SEQUENCE 35 186:d=4 hl=2 l= 3 prim: OBJECT :commonName 36 191:d=4 hl=2 l= 40 prim: PRINTABLESTRING :Starfield Secure Certification Authority 37 233:d=2 hl=2 l= 17 cons: SET 38 235:d=3 hl=2 l= 15 cons: SEQUENCE 39 237:d=4 hl=2 l= 3 prim: OBJECT :serialNumber 40 242:d=4 hl=2 l= 8 prim: PRINTABLESTRING :10688435 41 252:d=1 hl=2 l= 28 cons: SEQUENCE 42 254:d=2 hl=2 l= 11 prim: UTCTIME :1401070000Z 43 267:d=2 hl=2 l= 13 prim: UTCTIME :160401070000Z 44 282:d=1 hl=3 l= 235 cons: SEQUENCE 45 285:d=2 hl=2 l= 19 cons: SET 46 287:d=3 hl=2 l= 17 cons: SEQUENCE 47 289:d=4 hl=2 l= 11 prim: OBJECT :1.3.6.1.4.1.311.60.2.1.3 48 302:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US 49 306:d=2 hl=2 l= 24 cons: SET 50 308:d=3 hl=2 l= 22 cons: SEQUENCE 51 310:d=4 hl=2 l= 11 prim: OBJECT :1.3.6.1.4.1.311.60.2.1.2 52 323:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona 53 332:d=2 hl=2 l= 29 cons: SET 54 334:d=3 hl=2 l= 27 cons: SEQUENCE 55 336:d=4 hl=2 l= 3 prim: OBJECT :businessCategory 56 341:d=4 hl=2 l= 20 prim: PRINTABLESTRING :Private Organization 57 363:d=2 hl=2 l= 20 cons: SET 58 365:d=3 hl=2 l= 18 cons: SEQUENCE 59 367:d=4 hl=2 l= 3 prim: OBJECT :serialNumber 60 372:d=4 hl=2 l= 11 prim: PRINTABLESTRING :R-1724741-6 61 385:d=2 hl=2 l= 11 cons: SET 62 387:d=3 hl=2 l= 9 cons: SEQUENCE 63 389:d=4 hl=2 l= 3 prim: OBJECT :countryName 64 394:d=4 hl=2 l= 2 prim: PRINTABLESTRING :US 65 398:d=2 hl=2 l= 16 cons: SET 66 400:d=3 hl=2 l= 14 cons: SEQUENCE 67 402:d=4 hl=2 l= 3 prim: OBJECT :stateOrProvinceName 68 407:d=4 hl=2 l= 7 prim: PRINTABLESTRING :Arizona 69 416:d=2 hl=2 l= 19 cons: SET 70 418:d=3 hl=2 l= 17 cons: SEQUENCE 71 420:d=4 hl=2 l= 3 prim: OBJECT :localityName 72 425:d=4 hl=2 l= 10 prim: PRINTABLESTRING :Scottsdale 73 437:d=2 hl=2 l= 36 cons: SET 74 439:d=3 hl=2 l= 34 cons: SEQUENCE 75 441:d=4 hl=2 l= 3 prim: OBJECT :organizationName 76 446:d=4 hl=2 l= 27 prim: PRINTABLESTRING :Starfield Technologies, LLC 77 475:d=2 hl=2 l= 43 cons: SET 78 477:d=3 hl=2 l= 41 cons: SEQUENCE 79 479:d=4 hl=2 l= 3 prim: OBJECT :commonName 80 484:d=4 hl=2 l= 34 prim: PRINTABLESTRING :valid.sfi.catest.starfieldtech.com 81 520:d=1 hl=4 l= 290 cons: SEQUENCE 82 524:d=2 hl=2 l= 13 cons: SEQUENCE 83 526:d=3 hl=2 l= 9 prim: OBJECT :rsaEncryption 84 537:d=3 hl=2 l= 0 prim: NULL 85 539:d=2 hl=4 l= 271 prim: BIT STRING 86 814:d=1 hl=4 l= 462 cons: cont [ 3 ] 87 818:d=2 hl=4 l= 458 cons: SEQUENCE 88 822:d=3 hl=2 l= 12 cons: SEQUENCE 89 824:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints 90 829:d=4 hl=2 l= 1 prim: BOOLEAN :255 91 832:d=4 hl=2 l= 2 prim: OCTET STRING [HEX DUMP]:3000 92 836:d=3 hl=2 l= 14 cons: SEQUENCE 93 838:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage 94 843:d=4 hl=2 l= 1 prim: BOOLEAN :255 95 846:d=4 hl=2 l= 4 prim: OCTET STRING [HEX DUMP]:030205A0 96 852:d=3 hl=2 l= 29 cons: SEQUENCE 97 854:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage 98 859:d=4 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:301406082B0601050507030106082B06010505070302 99 883:d=3 hl=2 l= 45 cons: SEQUENCE 100 885:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Alternative Name 101 890:d=4 hl=2 l= 38 prim: OCTET STRING [HEX DUMP]:3024822276616C69642E7366692E6361746573742E737461726669656C64746563682E636F6D 102 930:d=3 hl=2 l= 29 cons: SEQUENCE 103 932:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier 104 937:d=4 hl=2 l= 22 prim: OCTET STRING [HEX DUMP]:041470EF9012A65C1E984F5BDB33C30F6DCBED401A64 105 961:d=3 hl=2 l= 31 cons: SEQUENCE 106 963:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier 107 968:d=4 hl=2 l= 24 prim: OCTET STRING [HEX DUMP]:30168014494B5227D11BBCF2A1216A627B51427A8AD7D556 108 994:d=3 hl=2 l= 56 cons: SEQUENCE 109 996:d=4 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points 110 1001:d=4 hl=2 l= 49 prim: OCTET STRING [HEX DUMP]:302F302DA02BA0298627687474703A2F2F63726C2E737461726669656C64746563682E636F6D2F736673332D302E63726C 111 1052:d=3 hl=3 l= 141 cons: SEQUENCE 112 1055:d=4 hl=2 l= 8 prim: OBJECT :Authority Information Access 113 1065:d=4 hl=3 l= 128 prim: OCTET STRING [HEX DUMP]:307E302A06082B06010505073001861E687474703A2F2F6F6373702E737461726669656C64746563682E636F6D2F305006082B060105050730028644687474703A2F2F6365727469666963617465732E737461726669656C64746563682E636F6D2F7265706F7369746F72792F73665F696E7465726D6564696174652E637274 114 1196:d=3 hl=2 l= 82 cons: SEQUENCE 115 1198:d=4 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies 116 1203:d=4 hl=2 l= 75 prim: OCTET STRING [HEX DUMP]:30493047060B6086480186FD6E010717033038303606082B06010505070201162A687474703A2F2F63657274732E737461726669656C64746563682E636F6D2F7265706F7369746F72792F 117-----BEGIN TBS CERTIFICATE----- 118MIIE/KADAgECAgMoIdUwDQYJKoZIhvcNAQEFBQAwgdwxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwd 119Bcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG 1209naWVzLCBJbmMuMTkwNwYDVQQLEzBodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJmaWVsZHRlY2guY 12129tL3JlcG9zaXRvcnkxMTAvBgNVBAMTKFN0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGlvbiBB 122dXRob3JpdHkxETAPBgNVBAUTCDEwNjg4NDM1MBwXCzE0MDEwNzAwMDBaFw0xNjA0MDEwNzAwMDB 123aMIHrMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRgwFgYLKwYBBAGCNzwCAQITB0FyaXpvbmExHTAbBg 124NVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRQwEgYDVQQFEwtSLTE3MjQ3NDEtNjELMAkGA1UEB 125hMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJDAiBgNVBAoTG1N0 126YXJmaWVsZCBUZWNobm9sb2dpZXMsIExMQzErMCkGA1UEAxMidmFsaWQuc2ZpLmNhdGVzdC5zdGF 127yZmllbGR0ZWNoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3UsdA7Nr22Qr 128HAYv7/IqL8V7kczSyO9wziJzVdWu+l7Brg//TgjMZKMgY7cJdpICvFAxLOxO3Z1w721InVmTxz0 1291lczx5WrH3aJMwR/05By5tanNaas9zdMAWFtWd8SYKm2xcSC3FsAhue2s14OT+EE92XgNgVhF2b 130dlOTgkwh/+q4Nl7k62LncnRSzFZdJKiorI811vrvVD45NB9IOPuRUXj5GLcUh4BXXp3ZSekFbVu 131A2oDnIhNGyQcThtf3wcM0dRMeKgemAD59d96NaQYH/QVA3gdtlzKxgeF/UvlxYG3P3DknTRiaMz 132l/Na9NzdRQX2i7ubskThqoRs05Zv0CAwEAAaOCAc4wggHKMAwGA1UdEwEB/wQCMAAwDgYDVR0PA 133QH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAtBgNVHREEJjAkgiJ2YWxp 134ZC5zZmkuY2F0ZXN0LnN0YXJmaWVsZHRlY2guY29tMB0GA1UdDgQWBBRw75ASplwemE9b2zPDD23 135L7UAaZDAfBgNVHSMEGDAWgBRJS1In0Ru88qEhamJ7UUJ6itfVVjA4BgNVHR8EMTAvMC2gK6Aphi 136dodHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3NmczMtMC5jcmwwgY0GCCsGAQUFBwEBBIGAM 137H4wKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29tLzBQBggrBgEFBQcw 138AoZEaHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3NmX2l 139udGVybWVkaWF0ZS5jcnQwUgYDVR0gBEswSTBHBgtghkgBhv1uAQcXAzA4MDYGCCsGAQUFBwIBFi 140podHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8= 141-----END TBS CERTIFICATE----- 142 143ERROR: Failed parsing validity 144 145-----BEGIN ERRORS----- 146RVJST1I6IEZhaWxlZCBwYXJzaW5nIHZhbGlkaXR5Cg== 147-----END ERRORS-----