www.yourheritage.co.uk

Issued by Symantec Basic DV SSL CA - G2

About this certificate

This digital certificate with serial number 04:e5:8e:82:76:99:c4:7d:1f:a7:fe:6d:e5:ba:5b:15 was issued on by Symantec Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

www.yourheritage.co.uk

Symantec Corporation

Organization: Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 04:e5:8e:82:76:99:c4:7d:1f:a7:fe:6d:e5:ba:5b:15
Serial Number (int): 6508838402274109111387279092564515605
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: ca:ac:5d:e1:90:2f:f1:ef:8c:d4:9f:35:01:e1:01:3b:a0:ce:c1:77

Fingerprint (sha1): 57:d6:03:0c:95:fe:0f:11:bf:d4:bc:a4:02:1c:08:d7:1d:34:e0:0f
Fingerprint (sha256): 00:0d:1f:81:62:dd:e5:18:f6:7e:57:a8:32:47:b4:f1:1d:a0:97:4e:e2:31:f3:71:20:4e:d5:b6:2b:37:9b:61

Issuing Certificate URL: http://hd.symcb.com/hd.crt

Revocation information

OCSP Server: http://hd.symcd.com

Check the revocation status for certificate www.yourheritage.co.uk

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.yourheritage.co.uk


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.yourheritage.co.uk
yourheritage.co.uk

Certificate

The complete raw certificate details for www.yourheritage.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIQBOWOgnaZxH0fp/5t5bpbFTANBgkqhkiG9w0BAQsFADCB
lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4g
VmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENB
IC0gRzIwHhcNMTcwNDEyMDAwMDAwWhcNMTgwNDEyMjM1OTU5WjAhMR8wHQYDVQQD
DBZ3d3cueW91cmhlcml0YWdlLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAiGZ2pBjBjRphS/eg8a/yQedoYn4PtCiMTLJAd6uHKw4euaa1/ol0
Ij6Hs+7n7617AZFn48Ruq6H7CNgG48T6sJOHk730kGduHdJscykKmbaGu3niDnoS
JE7MEsocmk7LWnJwB0Z7z5eSvxHQKPxoyjex8ntnVL+CjdT2Y2XcR7I0TH/mkXAJ
XgWGvarCCXZrPd0b1mKCf7MWshBiK0MWutTVinaCcMjSk9INKaID44iURUST1onQ
mjsX299BOtnYyIq3NNbaUJxqC5P8w+kHMsNbEC1B8REhU/zdULey92eSBZ6dVskZ
l9mZ2e64sHDpEX5z3lPN5DrCsQLh2BC+LQIDAQABo4ICWTCCAlUwNQYDVR0RBC4w
LIIWd3d3LnlvdXJoZXJpdGFnZS5jby51a4ISeW91cmhlcml0YWdlLmNvLnVrMAkG
A1UdEwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgEwTDAjBggrBgEFBQcCARYXaHR0
cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9kLnN5
bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUyqxd4ZAv8e+M1J81AeEBO6DOwXcwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggr
BgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9oZC5zeW1jZC5jb20wJgYI
KwYBBQUHMAKGGmh0dHA6Ly9oZC5zeW1jYi5jb20vaGQuY3J0MIIBAwYKKwYBBAHW
eQIEAgSB9ASB8QDvAHUA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswA
AAFbYW89JQAABAMARjBEAiBMRgsrwQJ7j6tVIOfN0RI78KuAaqxVPkxaIaQCkRds
3AIgUVP/WoM5jNsDI/Hx2NNf3ORBV54Dwvs65angDZBfTbcAdgCkuQmQtBhYFIe7
E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVthbz1UAAAEAwBHMEUCIG6ghx1UnGrd
UCmcnOY8ytf+i8ZpJB8/L3FpNIOcORazAiEAzeCyy3oCXnp/Vp2oO5Fe5n1ILbnd
Ksgsspha/A+KpmUwDQYJKoZIhvcNAQELBQADggEBAF9EHx1uvkyh/P0nkeoy4fEX
oHJaSPN4U+k4L/gISFFO28DTgYs5rfNaN4wbHiLJxFNs26rOC3IfFwNSA+0s3PSi
U/LXxuPa3t4lGLGqsSAbarDzV3di0Dl2yX+0Bg2S+Y30ca2m+cU7J7s5Kl5s491E
6sMUS6+/fGgzYQ0dC6rhdSE6lx9azD7gWNN2HyqSK34deyhR/lSLALBh3adPYHQr
ut0yiCK3CxZPoMGC6J8Dn8ONy2aHNSPE3g0h5VZe9UsHc1G3v6D5FzGEiTm5Tdet
8rEusmZCP+NvE3uPDVnW1Hp0cDO1AQmQ6+XlVNjRJiBsFTCq2UznImCmUu22IFY=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGZ2pBjBjRphS/eg8a/y
QedoYn4PtCiMTLJAd6uHKw4euaa1/ol0Ij6Hs+7n7617AZFn48Ruq6H7CNgG48T6
sJOHk730kGduHdJscykKmbaGu3niDnoSJE7MEsocmk7LWnJwB0Z7z5eSvxHQKPxo
yjex8ntnVL+CjdT2Y2XcR7I0TH/mkXAJXgWGvarCCXZrPd0b1mKCf7MWshBiK0MW
utTVinaCcMjSk9INKaID44iURUST1onQmjsX299BOtnYyIq3NNbaUJxqC5P8w+kH
MsNbEC1B8REhU/zdULey92eSBZ6dVskZl9mZ2e64sHDpEX5z3lPN5DrCsQLh2BC+
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6508838402274109111387279092564515605
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Basic DV SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.yourheritage.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17218936081499085528504910802793922421138571421358702364643335334124898845383118492240959457949680787141886215176407509923230773059035682183586201192411167382173137804977550268561165969069357756046014438136132038969239292181434993902282663583748969656726865479907225469074068664633011706385532089476350699320073520056034565331532615930555787052131372702594622060122479977815043139711985791821172618706742559133425525237623049939367011977888619320943718956247269709998470177485976101841718866074026866348565600631806077919249217100302448803634233864086707687593003435452964509224141629041523562984854607369132521340461
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.yourheritage.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yourheritage.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName caac5de1902ff1ef8cd49f3501e1013ba0cec177
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcb.com/hd.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015b616f3d25000004030046304402204c460b2bc1027b8fab5520e7cdd1123bf0ab806aac553e4c5a21a40291176cdc02205153ff5a83398cdb0323f1f1d8d35fdce441579e03c2fb3ae5a9e00d905f4db7007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015b616f3d54000004030047304502206ea0871d549c6add50299c9ce63ccad7fe8bc669241f3f2f716934839c3916b3022100cde0b2cb7a025e7a7f569da83b915ee67d482db9dd2ac82cb2985afc0f8aa665
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005f441f1d6ebe4ca1fcfd2791ea32e1f117a0725a48f37853e9382ff80848514edbc0d3818b39adf35a378c1b1e22c9c4536cdbaace0b721f17035203ed2cdcf4a253f2d7c6e3dadede2518b1aab1201b6ab0f3577762d03976c97fb4060d92f98df471ada6f9c53b27bb392a5e6ce3dd44eac3144bafbf7c6833610d1d0baae175213a971f5acc3ee058d3761f2a922b7e1d7b2851fe548b00b061dda74f60742bbadd328822b70b164fa0c182e89f039fc38dcb66873523c4de0d21e5565ef54b077351b7bfa0f91731848939b94dd7adf2b12eb266423fe36f137b8f0d59d6d47a747033b5010990ebe5e554d8d126206c1530aad94ce72260a652edb62056