www.förderverein-spreewaldlutki.de

Issued by Symantec Basic DV SSL CA - G2

About this certificate

This digital certificate with serial number 3d:f7:5b:d2:55:40:1a:73:6b:ac:d7:b0:1c:9d:d5:79 was issued on by Symantec Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Characters in labels of DNSNames MUST be alphanumeric, - , _ or * (BRs: 7.1.4.2)
  • The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=www.förderverein-spreewaldlutki.de

Symantec Corporation

Organization: Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 3d:f7:5b:d2:55:40:1a:73:6b:ac:d7:b0:1c:9d:d5:79
Serial Number (int): 82367267430509752966831340720123401593
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: ca:ac:5d:e1:90:2f:f1:ef:8c:d4:9f:35:01:e1:01:3b:a0:ce:c1:77

Fingerprint (sha1): a3:b8:ba:b2:99:80:3c:66:67:2d:e8:20:22:18:21:f5:08:59:25:59
Fingerprint (sha256): 00:00:96:1b:0f:95:37:70:6b:cf:5c:cc:96:40:47:ef:c0:f8:5b:fe:97:0c:d5:ab:34:56:dd:d4:3b:4b:d6:de

Issuing Certificate URL: http://hd.symcb.com/hd.crt

Revocation information

OCSP Server: http://hd.symcd.com

Check the revocation status for certificate www.förderverein-spreewaldlutki.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.förderverein-spreewaldlutki.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.xn--frderverein-spreewaldlutki-cvc.de
xn--frderverein-spreewaldlutki-cvc.de

Other certificates including the domain name förderverein-spreewaldlutki.de

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.förderverein-spreewaldlutki.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgIQPfdb0lVAGnNrrNewHJ3VeTANBgkqhkiG9w0BAQsFADCB
lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4g
VmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENB
IC0gRzIwHhcNMTcxMTE1MDAwMDAwWhcNMTgxMjE1MjM1OTU5WjAuMSwwKgYDVQQD
DCN3d3cuZsO2cmRlcnZlcmVpbi1zcHJlZXdhbGRsdXRraS5kZTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMLaV98EUvcW5hO45k3hWhuKZACVBxqhbuZ+
OX1O+HC5whbeSY3K+2PQh5i6QsV09lko5Hn+LMwDRPhvx/t1og2yMkxMLRdou8y8
UbBmAu4RN9atqKOZ3dYwHK8WCOXX5ajrPXrHm/NGl8dFK+cchjAKdeEz0gw9gomZ
Kt1d2ZqxarTCCzumWGa1V7Xvp6NuIJynepo457aoaEQNPjsVaBi4nYSpgIZxn/05
qG6vm9o7VTVdGtg1g7f7CCFo6JtY68eGmkVInIdHOw0JYkCDr9EaLBSM8BvrIn5m
JQnI3AQnUROo7muX//U9dZ+MiWjXQ7y5UZ+WYk5FLkebt1NJ/XUCAwEAAaOCAn8w
ggJ7MFsGA1UdEQRUMFKCKXd3dy54bi0tZnJkZXJ2ZXJlaW4tc3ByZWV3YWxkbHV0
a2ktY3ZjLmRlgiV4bi0tZnJkZXJ2ZXJlaW4tc3ByZWV3YWxkbHV0a2ktY3ZjLmRl
MAkGA1UdEwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgEwTDAjBggrBgEFBQcCARYX
aHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9k
LnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUyqxd4ZAv8e+M1J81AeEBO6DOwXcw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBX
BggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9oZC5zeW1jZC5jb20w
JgYIKwYBBQUHMAKGGmh0dHA6Ly9oZC5zeW1jYi5jb20vaGQuY3J0MIIBAwYKKwYB
BAHWeQIEAgSB9ASB8QDvAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbs
vswAAAFfvR1UowAABAMARzBFAiEA4y65AFRMBFxkA85gmFTOTnst17LFFXscmuZd
9FHCWQ4CIGxa17RUESN3KupN2ulpUL2jjdPeyYbBzvx1ezc94xa2AHUApLkJkLQY
WBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFfvR1U2gAABAMARjBEAiAwk+IB
DGwAygJeuNhyFZ/PDTCZFW5sA50oOB5MYM+45AIgZFFUJTtt5niLEuG7juvtAcEi
gwkjfbbVHhBnqNl322IwDQYJKoZIhvcNAQELBQADggEBACAot6bap4SmZx46H+Eg
qgtI+nmx50mnFmycM2wkK9LpGymrBHT6EiIRE3wZuAgHQQiyZcou2ZQ1qo3vkznP
4+iDHMMs55yvFSxhP6UScciE9F6u5vZc2WkoRtVWA9XhWMiTG1N6oOJn/p42NBqw
+cK2peoY/I3CZZw5Y0huCT3YOjIec3D6hMJUqSbcBNSexKHUDyemZ3VrddtuNxUz
jPzrKHISTjK5HplUxpLDvgg4C1cCzYCtrszLvtivZwsjOUsaTfDqwvx7rvBe4JjB
VeNn+nqECQaqpdes+CDlD+E0pHQ8iY/MvTkYFvbWjF1TV/GA/2GoLRicuHcVUtli
u2k=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtpX3wRS9xbmE7jmTeFa
G4pkAJUHGqFu5n45fU74cLnCFt5Jjcr7Y9CHmLpCxXT2WSjkef4szANE+G/H+3Wi
DbIyTEwtF2i7zLxRsGYC7hE31q2oo5nd1jAcrxYI5dflqOs9eseb80aXx0Ur5xyG
MAp14TPSDD2CiZkq3V3ZmrFqtMILO6ZYZrVXte+no24gnKd6mjjntqhoRA0+OxVo
GLidhKmAhnGf/Tmobq+b2jtVNV0a2DWDt/sIIWjom1jrx4aaRUich0c7DQliQIOv
0RosFIzwG+sifmYlCcjcBCdRE6jua5f/9T11n4yJaNdDvLlRn5ZiTkUuR5u3U0n9
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 82367267430509752966831340720123401593
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Basic DV SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.förderverein-spreewaldlutki.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24597900231252981825013171622927478573238504626748782686228795954563314333173772386427756606403950453796836809061520828817730435872414792948721225893524382338661759135959920693869105589075515702936163750499553262417888384371980213149589678234437580755522706717759938187765641457229380078581785311042921000599041136091155609455872441429025631736199296301166782790904967632105144726408528868560539646603728286177935340710746259180906697425869996769632677536943060885738805057650705836728598099003411659984033294673162755060567484623231685383532752916116572687161962081881081871295498951655062914907495876108466426346869
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.xn--frderverein-spreewaldlutki-cvc.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xn--frderverein-spreewaldlutki-cvc.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName caac5de1902ff1ef8cd49f3501e1013ba0cec177
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcb.com/hd.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015fbd1d54a30000040300473045022100e32eb900544c045c6403ce609854ce4e7b2dd7b2c5157b1c9ae65df451c2590e02206c5ad7b4541123772aea4ddae96950bda38dd3dec986c1cefc757b373de316b6007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015fbd1d54da000004030046304402203093e2010c6c00ca025eb8d872159fcf0d3099156e6c039d28381e4c60cfb8e40220645154253b6de6788b12e1bb8eebed01c1228309237db6d51e1067a8d977db62
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002028b7a6daa784a6671e3a1fe120aa0b48fa79b1e749a7166c9c336c242bd2e91b29ab0474fa122211137c19b808074108b265ca2ed99435aa8def9339cfe3e8831cc32ce79caf152c613fa51271c884f45eaee6f65cd9692846d55603d5e158c8931b537aa0e267fe9e36341ab0f9c2b6a5ea18fc8dc2659c3963486e093dd83a321e7370fa84c254a926dc04d49ec4a1d40f27a667756b75db6e3715338cfceb2872124e32b91e9954c692c3be08380b5702cd80adaecccbbed8af670b23394b1a4df0eac2fc7baef05ee098c155e367fa7a840906aaa5d7acf820e50fe134a4743c898fccbd391816f6d68c5d5357f180ff61a82d189cb8771552d962bb69