Certificate for ik1-444-54258.vs.sakura.ne.jp Issued to SomeOrganization

Certificate has expired

Issued by itself (self-signed)

About the ik1-444-54258.vs.sakura.ne.jp Certificate

This certificate with serial number 60:2c for ik1-444-54258.vs.sakura.ne.jp was issued on by SomeOrganization.

This Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this Certificate review for ik1-444-54258.vs.sakura.ne.jp provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Subscriber certificates MUST contain the Subject Alternate Name extension (BRs: 7.1.4.2.1)
  • Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
  • Subscriber Certificate: authorityInformationAccess MUST be present. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
  • Subscriber certificates MUST have the extended key usage extension present (BRs: 7.1.2.3)
  • Country codes must be comprised of uppercase A-Z letters Alpha-2 country codes shall consist of LATIN CAPITAL LETTER A through LATIN CAPITAL LETTER Z (ISO 3166-2:2020(E) section 5.1)
  • Missing common name, 'ik1-444-54258.vs.sakura.ne.jp' The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
  • found only metadata -- in subjectDN attribute 2.5.4.6 Subject name fields must not contain '.','-',' ' or any other indication that the field has been omitted (BRs: 7.1.4.2.2)
  • The country name field MUST contain the two-letter ISO code for the country or XX (BRs: 7.1.4.2.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

SomeOrganization

Organization: SomeOrganization
Organizational unit: SomeOrganizationalUnit
State / Province: SomeState
Locality: SomeCity
Country: --

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 60:2c
Serial Number (int): 24620
Serial Number Length: 15 bits, 2 octets

Subject Key Identifier:
Authority Key Identifier:

Fingerprint (SHA-1): 2b:99:3e:63:8d:5b:df:d6:35:6b:72:17:a1:d2:66:64:1c:54:7b:d8
Fingerprint (SHA-256): 86:3f:d2:8c:dd:57:64:ac:a6:67:64:fd:88:12:18:79:96:de:89:a1:4d:17:eb:15:35:10:be:2b:45:40:a5:ae


Revocation Information


Check the revocation status for certificate ik1-444-54258.vs.sakura.ne.jp
0
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for ik1-444-54258.vs.sakura.ne.jp

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Content Commitment
Extended Key Usages
None
Extensions
2
CA Certificate
This is not a CA certificate

Subject Alternative Names

This X.509 certificate doesn't contain any subject alternative names.

X.509 Certificate

The complete raw X.509 certificate details for ik1-444-54258.vs.sakura.ne.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIELjCCAxagAwIBAgICYCwwDQYJKoZIhvcNAQELBQAwgcsxCzAJBgNVBAYTAi0t
MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK
DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV
bml0MSYwJAYDVQQDDB1pazEtNDQ0LTU0MjU4LnZzLnNha3VyYS5uZS5qcDExMC8G
CSqGSIb3DQEJARYicm9vdEBpazEtNDQ0LTU0MjU4LnZzLnNha3VyYS5uZS5qcDAe
Fw0yMjA3MDcwNzU2MDhaFw0yMzA3MDcwNzU2MDhaMIHLMQswCQYDVQQGEwItLTES
MBAGA1UECAwJU29tZVN0YXRlMREwDwYDVQQHDAhTb21lQ2l0eTEZMBcGA1UECgwQ
U29tZU9yZ2FuaXphdGlvbjEfMB0GA1UECwwWU29tZU9yZ2FuaXphdGlvbmFsVW5p
dDEmMCQGA1UEAwwdaWsxLTQ0NC01NDI1OC52cy5zYWt1cmEubmUuanAxMTAvBgkq
hkiG9w0BCQEWInJvb3RAaWsxLTQ0NC01NDI1OC52cy5zYWt1cmEubmUuanAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRH4nvUxLjB57nrxZ3aQzLBYC5
Ukt3qouQYZqiIlOgPqgUn7wQP77hTncy7OIOXTi5ki9PNkVW+ElbR4KEuQ7TPvNW
XoEvNBhlN6KH5v6slt8eCReHEnAPSVChzeafFbHS5vCLnP2KZRr9+yrWN5FnJqMB
4CIbgcFZPs0G/DQM6mej+2WmMzXm4hk+GarIbKb2K0ofYfMdl8KnAdcX/8KsWe1C
Ibc1FXnunUXA2asV+GzCHJeRA+TO4zWiw9QZ/JVyTeUvjAlg/Py1syV5TqjoF/Ok
S70LPq4BWpSDRE/1ffzOp7eu2LOYUeiM8o6wVJOwDDPKIRnkgqmsrUO8OzinAgMB
AAGjGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IB
AQCTSj413ZAVZ5mUs/72iXWizoEESTC3B/vCHuJpq5WXZwbVgwV3jxedqh7kJVNv
l8qEYU28FAQQhoWAXx88bWIlZ1skNfiGoyMF9+LA+z8SqLa8WQT1W9C9F9evcHib
brO5sH2EoxaA5OFkvxpa2nL+wxwYls+sDxkc0QBpYRtkPeHi4kF0I2/oX2sXCeEw
c6iAq0R6nWW/sK13tZDY1o0AqFvm9EIsLwj5Ymj63KO+IgZYvau/dW0NcziAnpML
S4eo4uRixPqHKR4JkPlyrPWE0BK2ks38X0FAxjqsoveBCinKvdAEets6nkk1irvM
JmPADPMbTFzBiD8SWWtm2DZ7
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R+J71MS4wee568Wd2kM
ywWAuVJLd6qLkGGaoiJToD6oFJ+8ED++4U53MuziDl04uZIvTzZFVvhJW0eChLkO
0z7zVl6BLzQYZTeih+b+rJbfHgkXhxJwD0lQoc3mnxWx0ubwi5z9imUa/fsq1jeR
ZyajAeAiG4HBWT7NBvw0DOpno/tlpjM15uIZPhmqyGym9itKH2HzHZfCpwHXF//C
rFntQiG3NRV57p1FwNmrFfhswhyXkQPkzuM1osPUGfyVck3lL4wJYPz8tbMleU6o
6BfzpEu9Cz6uAVqUg0RP9X38zqe3rtizmFHojPKOsFSTsAwzyiEZ5IKprK1DvDs4
pwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 24620
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '--'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeState'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeCity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeOrganization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeOrganizationalUnit'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ik1-444-54258.vs.sakura.ne.jp'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-07 07:56:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-07 07:56:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '--'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeState'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeCity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeOrganization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SomeOrganizationalUnit'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ik1-444-54258.vs.sakura.ne.jp'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26399358103801391434467088267344152232927606967633437942095226182657286200179177533849547025275581323931353249904307975578108311926278818579134153125446421166632513120458578541875345309446416113349603939935491206529461914236012002213777955465520549633313120051464737923691449908414883543729584222708035631921160966011446011877576378603966813516663501344174346329759349489374738349278276692259969052463291816504919853538939161294417464409474951857911790269815172003032971687922477399538322921326279967727813641565712645259478017078471660726161694261536785307585112092424663533504220228053170703334730082093564750936231
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05e0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00934a3e35dd9015679994b3fef68975a2ce81044930b707fbc21ee269ab95976706d58305778f179daa1ee425536f97ca84614dbc1404108685805f1f3c6d6225675b2435f886a32305f7e2c0fb3f12a8b6bc5904f55bd0bd17d7af70789b6eb3b9b07d84a31680e4e164bf1a5ada72fec31c1896cfac0f191cd10069611b643de1e2e24174236fe85f6b1709e13073a880ab447a9d65bfb0ad77b590d8d68d00a85be6f4422c2f08f96268fadca3be220658bdabbf756d0d7338809e930b4b87a8e2e462c4fa87291e0990f972acf584d012b692cdfc5f4140c63aaca2f7810a29cabdd0047adb3a9e49358abbcc2663c00cf31b4c5cc1883f12596b66d8367b