www.kinopolis-ticketshop.de

Issued by Thawte DV SSL CA

About this certificate

This digital certificate with serial number 4b:d9:29:24:36:3d:1b:b9:7c:1c:fb:fb:de:90:b9:90 was issued on by Thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

www.kinopolis-ticketshop.de

Organization unit: Go to https://www.thawte.com/repository/index.html
Organization unit: Thawte SSL123 certificate
Organization unit: Domain Validated

Thawte, Inc.

Organization: Thawte, Inc.
Organization unit: Domain Validated SSL
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 4b:d9:29:24:36:3d:1b:b9:7c:1c:fb:fb:de:90:b9:90
Serial Number (int): 100819662549964414226015299656074967440
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: ab:44:e4:5d:ec:83:c7:d9:c0:85:9f:f7:e1:c6:97:90:b0:8c:3f:98

Fingerprint (sha1): 67:2b:95:76:b7:e6:3a:55:0e:cd:6a:14:15:2b:4f:96:39:88:0f:1a
Fingerprint (sha256): 00:0c:1a:11:a6:80:56:ba:89:0a:cd:96:9e:ba:d8:6b:64:6f:a1:60:53:e7:60:7b:5d:49:78:0a:00:af:20:97

Issuing Certificate URL: http://svr-dv-aia.thawte.com/ThawteDV.cer

Revocation information

OCSP Server: http://ocsp.thawte.com
CRL Distribution Point: http://svr-dv-crl.thawte.com/ThawteDV.crl

Check the revocation status for certificate www.kinopolis-ticketshop.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.kinopolis-ticketshop.de


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.kinopolis-ticketshop.de

Certificate

The complete raw certificate details for www.kinopolis-ticketshop.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIQS9kpJDY9G7l8HPv73pC5kDANBgkqhkiG9w0BAQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe
Fw0xNDA0MjIwMDAwMDBaFw0xNTA0MTIyMzU5NTlaMIGiMTswOQYDVQQLEzJHbyB0
byBodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkvaW5kZXguaHRtbDEi
MCAGA1UECxMZVGhhd3RlIFNTTDEyMyBjZXJ0aWZpY2F0ZTEZMBcGA1UECxMQRG9t
YWluIFZhbGlkYXRlZDEkMCIGA1UEAxQbd3d3Lmtpbm9wb2xpcy10aWNrZXRzaG9w
LmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0fubht1tGQAjrTs
nkUr1Eum6BT+3K9nMCzNLE0i4Mf55I8/MwniUGswCRDOoaCvMBqSaFAQg9+FZJLU
Drenu4nLxnd8lNAH+sI2aA6kUayh/YH+1NahnhW2ex2obuq3H/3DoYnVVJrFkuMP
3CY4jcUdf4aqzTkqVqDt7664kdiGqOfkZD+I69Q55KU2MUG1AvSygYR50rrjSEfo
UdTBV+0Lu4N8DmlzZoPi3BZjgC6Gs239v9WtVJdKXUZsXN7AmYGeRtQiMXO5Qscd
LJqth1ieZMAB4CcNBEBVIQC2vaAPe3nARecXJ4S20WtV91TPHtqzanuBhie8qUa6
QnfjOQIDAQABo4IBcTCCAW0wJgYDVR0RBB8wHYIbd3d3Lmtpbm9wb2xpcy10aWNr
ZXRzaG9wLmRlMAkGA1UdEwQCMAAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL3N2
ci1kdi1jcmwudGhhd3RlLmNvbS9UaGF3dGVEVi5jcmwwQQYDVR0gBDowODA2Bgpg
hkgBhvhFAQc2MCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20v
Y3BzMB8GA1UdIwQYMBaAFKtE5F3sg8fZwIWf9+HGl5CwjD+YMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwaQYIKwYBBQUHAQEE
XTBbMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUuY29tMDUGCCsGAQUF
BzAChilodHRwOi8vc3ZyLWR2LWFpYS50aGF3dGUuY29tL1RoYXd0ZURWLmNlcjAN
BgkqhkiG9w0BAQUFAAOCAQEAbE5RV6VhtQSc5J/GhKw98WM5Ww71uPjWhQH/dRO6
51+561pa1ovJ51bfuPxVfekj7khFv3te3RMKu/tH49CkeQ3JRHNOkv0hHFR+t/bt
AijLXQE8yzLtxmMISRimdUY0n8OKd4nAU7Y5GpSwTv1Nm+F3Ph/mA035Oafd2TGk
zxjeTpQhC6vANKf8USpVNffMmpg8ohw17BLgePzapSZqeA3MPgtacw+p0BCCaGGp
GZLcCauZsCbwOVHPZvqEXsQzHGinu5emdsY/9QHPvSt3WQ40NVjVFaeIqAsT1p6t
qfeAUyY/4+uOUouUjpaN595yuWe6budM0dmN96pIsff8WQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0fubht1tGQAjrTsnkUr
1Eum6BT+3K9nMCzNLE0i4Mf55I8/MwniUGswCRDOoaCvMBqSaFAQg9+FZJLUDren
u4nLxnd8lNAH+sI2aA6kUayh/YH+1NahnhW2ex2obuq3H/3DoYnVVJrFkuMP3CY4
jcUdf4aqzTkqVqDt7664kdiGqOfkZD+I69Q55KU2MUG1AvSygYR50rrjSEfoUdTB
V+0Lu4N8DmlzZoPi3BZjgC6Gs239v9WtVJdKXUZsXN7AmYGeRtQiMXO5QscdLJqt
h1ieZMAB4CcNBEBVIQC2vaAPe3nARecXJ4S20WtV91TPHtqzanuBhie8qUa6Qnfj
OQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 100819662549964414226015299656074967440
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte DV SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-04-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-04-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Go to https://www.thawte.com/repository/index.html'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL123 certificate'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.kinopolis-ticketshop.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24651940147757055475700527007025500187955103607986277383372301871539445403044452602219790675239169798212234590707635425905673858648257120020333343274501050156836547869386345677674857928040691130527841527542108036357554948129258163668551789121028737742634702347819601758614330194392446897893305135308327908859702267717084909123151744870951977849533328054259117345942543043055578048266086638277796233446468534923382270822753457429104206328610546736098223118058405087219794221943699922720531850973694107265826265485679520037607294912220022934727087697221861570447547270857256994074123854209817810361166360976997666513721
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kinopolis-ticketshop.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-dv-crl.thawte.com/ThawteDV.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ab44e45dec83c7d9c0859ff7e1c69790b08c3f98
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-dv-aia.thawte.com/ThawteDV.cer'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006c4e5157a561b5049ce49fc684ac3df163395b0ef5b8f8d68501ff7513bae75fb9eb5a5ad68bc9e756dfb8fc557de923ee4845bf7b5edd130abbfb47e3d0a4790dc944734e92fd211c547eb7f6ed0228cb5d013ccb32edc663084918a67546349fc38a7789c053b6391a94b04efd4d9be1773e1fe6034df939a7ddd931a4cf18de4e94210babc034a7fc512a5535f7cc9a983ca21c35ec12e078fcdaa5266a780dcc3e0b5a730fa9d010826861a91992dc09ab99b026f03951cf66fa845ec4331c68a7bb97a676c63ff501cfbd2b77590e343558d515a788a80b13d69eada9f78053263fe3eb8e528b948e968de7de72b967ba6ee74cd1d98df7aa48b1f7fc59