Certificate for

Certificate is witin its validity period

Issued by itself (self-signed)

About the Certificate

This certificate with serial number 2b:6f:e3:af:bd:b3:e0:0f:c3:cf:fe:32:97:0e:6b:ab:2e:45:0b:91 for was issued on by itself (self-signed).

This Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this Certificate review for provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Subscriber certificates MUST contain the Subject Alternate Name extension (BRs: 7.1.4.2.1)
  • Certificate issuer field MUST NOT be empty and must have a non-empty distinguished name (RFC 5280: 4.1.2.4)
  • Subscriber Certificate: authorityInformationAccess MUST be present. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
  • Subscriber certificates MUST have the extended key usage extension present (BRs: 7.1.2.3)
  • CAs MUST support subject alternative name if the subject field is an empty sequence (RFC 5280: 4.2 & 4.2.1.6)
  • TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC must not have a validity period greater than 398 days (https://support.apple.com/en-us/HT211025)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 2b:6f:e3:af:bd:b3:e0:0f:c3:cf:fe:32:97:0e:6b:ab:2e:45:0b:91
Serial Number (int): 247981820152940776300757055975918153330319494033
Serial Number Length: 158 bits, 20 octets

Subject Key Identifier: 88:a8:80:f5:15:00:d0:59:a4:d1:f6:6e:ee:0b:8b:38:ba:6b:dc:59
Authority Key Identifier:

Fingerprint (SHA-1): 72:73:0f:08:40:87:7c:0f:2a:b2:41:61:f0:bf:3b:11:24:9b:ed:70
Fingerprint (SHA-256): a2:99:5f:0b:ba:5c:7d:c6:92:7e:ba:44:04:b0:eb:6e:6c:39:74:5b:ce:74:35:5a:01:83:7a:1e:ac:ee:19:f0


Revocation Information


Check the revocation status for certificate
0
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
None
Extended Key Usages
None
Extensions
1
CA Certificate
This is not a CA certificate

Subject Alternative Names

This X.509 certificate doesn't contain any subject alternative names.

X.509 Certificate

The complete raw X.509 certificate details for in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIICrzCCAZegAwIBAgIUK2/jr72z4A/Dz/4ylw5rqy5FC5EwDQYJKoZIhvcNAQEL
BQAwADAeFw0yNTA0MzAxNjQxMDVaFw0zNTA0MjgxNjQxMDVaMAAwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEdqPxcJhgCikFJjGutGR0bTIrt5UybmDN
cVJRAm51OsGbTYAEFjmCnue8t5Nvqhfq4f2qL1YZhVqhg2Yh6OnHNwlM8FZXCsQ0
dMNiR4aabHsmR+zhHNs2cK0iR+QyWprkMQdMBBw7hGcF3EBW9IBWGd7WajfXdMXN
Fuh6Gn/moRLLdNJGsLcXFsNV/5SjkgKKLKWFHu/EeET68+8khnOYrY0ayfUwYqdf
5Cb8uclmfQHO9MSlwC9auHEyCiihpba221qdIpLJ1RhoAv6d1E2tRSkU5EilYbF3
C5evv0tJjRrdGzxzeHyqeVdSqR/H/vyffjM82+m4mG1TFfiZCDHpAgMBAAGjITAf
MB0GA1UdDgQWBBSIqID1FQDQWaTR9m7uC4s4umvcWTANBgkqhkiG9w0BAQsFAAOC
AQEAT6TGYZG4W5RPPg48sa0uM9GX9RhtKWBDKFNytTmuiaI/4FLfqYaBePFtI3Af
T58jYzV0AnFDDWasrHSWj1GdlqmibbLQPCTdnQr7gLegusZWY+auhekIXcsK/9Gi
PNwyXfAnCSA8MQ807il5wiqygH1xgeta9aagMY+aFqLDb4nA3UKPox0WFUsum4AE
Zx94KZw6C4x0fLFPuvQq3OchPsOdRNfoJYgJjZd4w3OZE7Y2SQrnGSPe2HuditMh
CCt/vCvBSPJpff+8hYsNGW+UjUgGUkiQHkRHpff74mo4JqyZrE5NPnvqFlyjd6h3
TzzmHUfGtPIm0Kem4wJse970Ag==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHaj8XCYYAopBSYxrrRk
dG0yK7eVMm5gzXFSUQJudTrBm02ABBY5gp7nvLeTb6oX6uH9qi9WGYVaoYNmIejp
xzcJTPBWVwrENHTDYkeGmmx7Jkfs4RzbNnCtIkfkMlqa5DEHTAQcO4RnBdxAVvSA
Vhne1mo313TFzRboehp/5qESy3TSRrC3FxbDVf+Uo5ICiiylhR7vxHhE+vPvJIZz
mK2NGsn1MGKnX+Qm/LnJZn0BzvTEpcAvWrhxMgoooaW2tttanSKSydUYaAL+ndRN
rUUpFORIpWGxdwuXr79LSY0a3Rs8c3h8qnlXUqkfx/78n34zPNvpuJhtUxX4mQgx
6QIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 247981820152940776300757055975918153330319494033
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-30 16:41:05 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2035-04-28 16:41:05 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24801211536447759611427973566324627533272236613854030293088267174966587430582391438477046226170015632398964730049395061826048880944845018369077895346611459500304060322682519022967411780416985852866561148353605428794215854071870323887452611761805679172981903944443293127492217204996535471746355834439981328369232523236009862603041966294104005480221917675107768355363603966539085785368221235300567611986341738413282603200912964832716921369132101556719541492644669439858950108423628642078674872554144217405677794827360413009832042139165996133787199959635904375493335491724091545787238855520230580473826787461453039809001
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							88a880f51500d059a4d1f66eee0b8b38ba6bdc59
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004fa4c66191b85b944f3e0e3cb1ad2e33d197f5186d296043285372b539ae89a23fe052dfa9868178f16d23701f4f9f236335740271430d66acac74968f519d96a9a26db2d03c24dd9d0afb80b7a0bac65663e6ae85e9085dcb0affd1a23cdc325df02709203c310f34ee2979c22ab2807d7181eb5af5a6a0318f9a16a2c36f89c0dd428fa31d16154b2e9b8004671f78299c3a0b8c747cb14fbaf42adce7213ec39d44d7e82588098d9778c3739913b636490ae71923ded87b9d8ad321082b7fbc2bc148f2697dffbc858b0d196f948d48065248901e4447a5f7fbe26a3826ac99ac4e4d3e7bea165ca377a8774f3ce61d47c6b4f226d0a7a6e3026c7bdef402