www.stadtausflug.ch
Issued by Hostpoint DV SSL CA - G2
About this certificate
This digital certificate with serial number 76:b4:b0:d7:95:2d:bb:b5:c5:0c:d9:0f:c7:34:c9:76 was issued on by Hostpoint AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.stadtausflug.ch
Hostpoint AG
Organization:
Hostpoint AG
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
CH
This certificate has expire since
Certificate Details
Serial Number (hex): 76:b4:b0:d7:95:2d:bb:b5:c5:0c:d9:0f:c7:34:c9:76Serial Number (int): 157787103721470079797466929685436090742
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: b4:e3:2a:8e:85:bb:b2:b7:27:3c:e9:ce:9a:a0:80:6f:0a:4b:02:48
Fingerprint (sha1): b8:86:5e:8b:fa:2d:3f:cf:30:76:90:6f:dd:a3:fc:05:32:da:63:db
Fingerprint (sha256): 00:01:79:36:94:ab:4e:7f:ba:c4:3e:6f:99:51:22:38:33:11:2d:2d:65:93:09:18:a2:4a:d1:b5:57:cb:bf:db
Issuing Certificate URL: http://hostpoint-aia.digitalcertvalidation.com/hostpointg2.crt
Revocation information
OCSP Server: http://hostpoint-ocsp.digitalcertvalidation.comCRL Distribution Point: http://hostpoint-crl.digitalcertvalidation.com/hostpointg2.crl
Check the revocation status for certificate www.stadtausflug.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.stadtausflug.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.stadtausflug.ch
stadtausflug.ch
stadtausflug.ch
Other certificates including the domain name stadtausflug.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.stadtausflug.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGNjCCBR6gAwIBAgIQdrSw15Utu7XFDNkPxzTJdjANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMSG9zdHBvaW50IEFHMR0wGwYDVQQLExRE b21haW4gVmFsaWRhdGVkIFNTTDEhMB8GA1UEAxMYSG9zdHBvaW50IERWIFNTTCBD QSAtIEcyMB4XDTE2MDUxNTAwMDAwMFoXDTE3MDUxNTIzNTk1OVowHjEcMBoGA1UE AwwTd3d3LnN0YWR0YXVzZmx1Zy5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBALgc1LK8ex3EbBWpMkYjw2z53LX79hJsbl0eQCutQAIykDmDCjTbIe14 hYeGB/QYJujN6hKYbSiEyafWimRzP4AGrrDDKcqKN106jYjdrA7gIo+tdjPtWJi6 iGF0B9SIqYVfqRDTrVlaZ1m6DymLVDbMh5fO2A+cyNAssq2pv/lQbR6wIbSYb4Ov tzwsfIyxfs9GabkPMvoCImVuuAORj2MJzYEVNXs15NBh+r4UvH2tQeeFYC2b9+xW EcCjFxIRKp/aBSE1HA1QvKou1JajOLUEhlnHP15EcywMRVmMHBmpSFum0P7vP1Xp dmcGK6XczWEFQe5h8DNYgArNwSCXZosCAwEAAaOCAyYwggMiMC8GA1UdEQQoMCaC E3d3dy5zdGFkdGF1c2ZsdWcuY2iCD3N0YWR0YXVzZmx1Zy5jaDAJBgNVHRMEAjAA ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9ob3N0cG9pbnQtY3JsLmRpZ2l0YWxj ZXJ0dmFsaWRhdGlvbi5jb20vaG9zdHBvaW50ZzIuY3JsMIGdBgNVHSAEgZUwgZIw gY8GBmeBDAECATCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3Qu Y29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0 dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdh bDAfBgNVHSMEGDAWgBS04yqOhbuytyc86c6aoIBvCksCSDAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGZBggrBgEFBQcBAQSB jDCBiTA7BggrBgEFBQcwAYYvaHR0cDovL2hvc3Rwb2ludC1vY3NwLmRpZ2l0YWxj ZXJ0dmFsaWRhdGlvbi5jb20wSgYIKwYBBQUHMAKGPmh0dHA6Ly9ob3N0cG9pbnQt YWlhLmRpZ2l0YWxjZXJ0dmFsaWRhdGlvbi5jb20vaG9zdHBvaW50ZzIuY3J0MIIB BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiN PRHEzbbsvswAAAFUtRxDZgAABAMARzBFAiBkPWekVTQGpSj03e9p+Qrc3TIYl/OI B/hLnmLkzrwJVgIhAPRm/A15yO4sp32exUMO9Imixnd194fCLchOE0eTAwQKAHcA pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFUtRxDpwAABAMASDBG AiEA2wkOnctYyWfGwZFJrv/a9lkZU+FSN/A+UyqJqit9W08CIQDMQzW0vm+3seJB BhCARor6x/SL20fvvvh3sORW2nxPxTANBgkqhkiG9w0BAQsFAAOCAQEANFwMJv6c Sl1aPIDoZyuK4V7o+v+WDct1mj/rrOqpFqesXx5DGZ14gnE0zmzlxeGBxsOhGbFI 5t7UcqIiWNRxu+NTnUUo3B5IqmhyWt6ZEn0hkoOU/PARQqhWr3cwU3ydMc1PJYNj d1bUyM6cJvx6Vua0ZQZMWIQCggZaAwWtMXEnSQF8aBvGS5JL/FhAYaHiRuaPK3Ev UHxhn5/riOm5YK9IiDmfFMrrDwPuUklhA8fqinxvIbseYCP0oEDzPc/kqq4UjVkP wIs14fwZ5Yk3wSFSMNWKPs3zbyuVydXjUUGGPjDWh36qW4KTS/2L0zxCf2HKp7nh 2rn5yRpyhUchmg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBzUsrx7HcRsFakyRiPD bPnctfv2EmxuXR5AK61AAjKQOYMKNNsh7XiFh4YH9Bgm6M3qEphtKITJp9aKZHM/ gAausMMpyoo3XTqNiN2sDuAij612M+1YmLqIYXQH1IiphV+pENOtWVpnWboPKYtU NsyHl87YD5zI0Cyyram/+VBtHrAhtJhvg6+3PCx8jLF+z0ZpuQ8y+gIiZW64A5GP YwnNgRU1ezXk0GH6vhS8fa1B54VgLZv37FYRwKMXEhEqn9oFITUcDVC8qi7UlqM4 tQSGWcc/XkRzLAxFWYwcGalIW6bQ/u8/Vel2ZwYrpdzNYQVB7mHwM1iACs3BIJdm iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 157787103721470079797466929685436090742 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hostpoint AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hostpoint DV SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.stadtausflug.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23242065136899029639598780530042537512585907359280664253267903005780197461979489303540489385479558944765292655259812228446982363742374810964361779439607140040541987260114433222770459900114139547695520955941385198976049676808924927457336588456836595215033348127142300939582538067818847397969715619585365932217241924939094119547173728817374255838127665742623191245859744103947365913101807533034318629425260056786689456480287193620956451116389177043934423862142064032503033143091695987649277739276094029318801897967850195019912354794856102953330043701096109991739868882672822239993706239771466441085718951358488917796491 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stadtausflug.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stadtausflug.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (72 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hostpoint-crl.digitalcertvalidation.com/hostpointg2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b4e32a8e85bbb2b7273ce9ce9aa0806f0a4b0248 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hostpoint-ocsp.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hostpoint-aia.digitalcertvalidation.com/hostpointg2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000154b51c436600000403004730450220643d67a4553406a528f4ddef69f90adcdd321897f38807f84b9e62e4cebc0956022100f466fc0d79c8ee2ca77d9ec5430ef489a2c67775f787c22dc84e13479303040a007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000154b51c43a70000040300483046022100db090e9dcb58c967c6c19149aeffdaf6591953e15237f03e532a89aa2b7d5b4f022100cc4335b4be6fb7b1e241061080468afac7f48bdb47efbef877b0e456da7c4fc5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00345c0c26fe9c4a5d5a3c80e8672b8ae15ee8faff960dcb759a3febaceaa916a7ac5f1e43199d78827134ce6ce5c5e181c6c3a119b148e6ded472a22258d471bbe3539d4528dc1e48aa68725ade99127d21928394fcf01142a856af7730537c9d31cd4f2583637756d4c8ce9c26fc7a56e6b465064c58840282065a0305ad31712749017c681bc64b924bfc584061a1e246e68f2b712f507c619f9feb88e9b960af4888399f14caeb0f03ee52496103c7ea8a7c6f21bb1e6023f4a040f33dcfe4aaae148d590fc08b35e1fc19e58937c1215230d58a3ecdf36f2b95c9d5e35141863e30d6877eaa5b82934bfd8bd33c427f61caa7b9e1dab9f9c91a728547219a