Certificate for localhost

Certificate has expired

Issued by itself (self-signed)

About the localhost Certificate

This certificate with serial number f7:cd:03:67:f8:09:d2:d1 for localhost was issued on by itself (self-signed).

This Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this Certificate review for localhost provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Subscriber Certificate: authorityInformationAccess MUST be present. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
  • 1 DNS name(s) are bare public suffixes: localhost The domain SHOULD NOT have a bare public suffix (awslabs certlint)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

localhost

This X.509 certificate expired on

Certificate Details

Serial Number (hex): f7:cd:03:67:f8:09:d2:d1
Serial Number (int): 17855931842671792849
Serial Number Length: 64 bits, 8 octets

Subject Key Identifier:
Authority Key Identifier:

Fingerprint (SHA-1): f3:d0:65:69:17:58:5d:bb:c8:55:cb:2e:7f:bf:8e:cb:9e:9e:19:9a
Fingerprint (SHA-256): 6f:1f:83:40:d2:8f:86:d4:f5:d8:15:c5:95:ed:f0:b7:88:14:a7:02:f4:3c:76:90:a4:e8:94:20:f1:d1:c8:5d


Revocation Information


Check the revocation status for certificate localhost
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for localhost

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Extensions
3
CA Certificate
This is not a CA certificate

Subject Alternative Names

localhost

X.509 Certificate

The complete raw X.509 certificate details for localhost in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIC5TCCAc2gAwIBAgIJAPfNA2f4CdLRMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
BAMMCWxvY2FsaG9zdDAeFw0yMzA5MjQxNTA0MTZaFw0yMzEwMjQxNTA0MTZaMBQx
EjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpFEnJoz9ZyZyITtaFLvuQaj/8KmSJOOb3MNFj2wujr2zUg+Ci3qNFULZzs
/AjmNDGaNycXXT8Zt9t4sW8DKU6LM43Bmrduvx3uKSDKw4fq7kp++IzHyjxrxcGz
qvlzzU3VM4rlq0K92J1NrO0PYRVJ0PqFDIItcvqnWkAODKpyFPsHXqW/acZdGOHT
NOsfniv5TtPs0TC/n53tNf5hUbAXYK8CvyBoKHC2q5eaXhGRbyC2QePCP+Xot5YA
Xr4Ujg3eMaN7ns08dtwuTapLdtZJM1+oAmNSceGw1hwDFaE5nRK1j2/QMXb9dKof
Z0IGy1Eqk+67KmZKckZn36qqgw0CAwEAAaM6MDgwFAYDVR0RBA0wC4IJbG9jYWxo
b3N0MAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0B
AQsFAAOCAQEAPIhaevbB4hvwi7r07rNeTE1Js9u1ygXY8tXAcVeiwBE8e28MzBTR
bzfuoo21pDDpLaIKvcXMzbMQiFB1pr5rzxDl+30Cw0Rq5ZcBG8xgHbDLg2iP/Yf3
7dp/1ThpXs6oH+imsBW7g/PTZs69rUr1aKFObR2RYT1hPxzs+xIjv2VDyv6rIPfQ
3NSm/CUvALXTTKevm+OjtMHhMIX8GMfFJ8uqu5QMV7KbWijdC3WkFBKZr0F5Jb/6
6nNxnHXMX1UCGQe8Cbt5l3k+qTNC2gYkt2Ovzdl1UMm7Zw8CO37bVYSHmsDcpPF+
tFXaSc4bqUsSK7nwyEam9S0ozwWC/xyuew==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kUScmjP1nJnIhO1oUu+
5BqP/wqZIk45vcw0WPbC6OvbNSD4KLeo0VQtnOz8COY0MZo3JxddPxm323ixbwMp
ToszjcGat26/He4pIMrDh+ruSn74jMfKPGvFwbOq+XPNTdUziuWrQr3YnU2s7Q9h
FUnQ+oUMgi1y+qdaQA4MqnIU+wdepb9pxl0Y4dM06x+eK/lO0+zRML+fne01/mFR
sBdgrwK/IGgocLarl5peEZFvILZB48I/5ei3lgBevhSODd4xo3uezTx23C5Nqkt2
1kkzX6gCY1Jx4bDWHAMVoTmdErWPb9Axdv10qh9nQgbLUSqT7rsqZkpyRmffqqqD
DQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17855931842671792849
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'localhost'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-24 15:04:16 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-24 15:04:16 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'localhost'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29573824063440136766358688760806061450026080964640492421115924442934507443444679477024310733170068413709272732667852450360288369400184285993664868063856192137183507560674839454790769148255471233196937123718946139265109861338315111886881898737083869671893992250593935667090107861570675358510332676482973296853778255594022324518392834120718474409854262349711933818042174689823804661334216263375957325273835735694215358014462762904092921238239436130573722056424971634732505336403385308515741172863995700165160808721230958231612120374026750593913290407902484382381928020136247262854785462398494896868672338811049537602317
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'localhost'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003c885a7af6c1e21bf08bbaf4eeb35e4c4d49b3dbb5ca05d8f2d5c07157a2c0113c7b6f0ccc14d16f37eea28db5a430e92da20abdc5cccdb310885075a6be6bcf10e5fb7d02c3446ae597011bcc601db0cb83688ffd87f7edda7fd538695ecea81fe8a6b015bb83f3d366cebdad4af568a14e6d1d91613d613f1cecfb1223bf6543cafeab20f7d0dcd4a6fc252f00b5d34ca7af9be3a3b4c1e13085fc18c7c527cbaabb940c57b29b5a28dd0b75a4141299af417925bffaea73719c75cc5f55021907bc09bb7997793ea93342da0624b763afcdd97550c9bb670f023b7edb5584879ac0dca4f17eb455da49ce1ba94b122bb9f0c846a6f52d28cf0582ff1cae7b