leaf01.csr.pem

- Google -

Issued by FakeIntermediateAuthority

About this certificate

This digital certificate with serial number de:ad:be:ef was issued on by Google.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • DNSNames must have a valid TLD. (BRs: 7.1.4.2)
  • Subscriber certificates MUST contain the Subject Alternate Name extension (BRs: 7.1.4.2.1)
  • Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
  • Subscriber Certiifcate: authorityInformationAccess MUST be present, with the exception of stapling. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.6.4)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.2)
  • Subscriber certificates MUST have the extended key usage extension present (BRs: 7.1.2.3)
  • Subscriber Certificates issued after 1 July 2016 but prior to 1 March 2018 MUST have a Validity Period no greater than 39 months. (BRs: 6.3.2)
  • The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Effective September 30, 2016, CAs SHALL generate non‐sequential Certificate serial numbers greater than zero (0) containing at least 64 bits of output from a CSPRNG. (BRs: 7.1)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Google

Organization: Google
Organization unit: Eng
State / Province: London
Country: GB

Google

Organization: Google
Organization unit: Eng
State / Province: London
Locality: London
Country: GB

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): de:ad:be:ef
Serial Number (int): 3735928559
Serial Number lenght: 32 bits, 4 octets

SubjectKeyId: 3f:1e:7b:69:91:48:da:4b:1d:30:a8:03:36:2b:70:04:fe:70:77:93:5d:b1:9f:e8:5f:d8:b6:30:66:c6:9d:86:05:ac:69:c8:6e:d0:10:83:81:49:ca:92:4e:00:02:3e:5d:6b:a5:7d:d0:85:78:5d:c3:94:bd:f4:ff:9f:95:12:49:03:de:bf:7b:76:e3:86:67:25:d0:01:b8:2f:84:6a:f9:8f:db:37:a9:de:a4:42:2c:52:fe:6c:aa:18:f7:80:93:f0:e2:f3:8b:26:a5:2f:2a:17:c6:5b:b0:97:6f:15:9f:e7:6a:e1:04:da:bd:65:47:75:76:36:bb:22:f7:f0
AuthorityKeyId: 01:02:03:04

Fingerprint (sha1): 5b:f8:09:d9:1b:7e:c3:7d:f0:9c:d1:d0:56:80:ef:c6:f9:ac:d9:6b
Fingerprint (sha256): 00:0d:40:29:4c:60:1e:b9:54:71:b6:13:1a:22:99:07:9d:27:21:d5:50:26:86:20:33:86:22:66:cd:b3:42:1a


Revocation information


Check the revocation status for certificate leaf01.csr.pem

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for leaf01.csr.pem


Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

ECDSA with SHA256

Key Usage

Digital Signature
Content Commitment
Key Encipherment
Data Encipherment
Key Agreement
Encipher Only
Decipher Only

Extended Key Usages

Extensions

4 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Certificate

The complete raw certificate details for leaf01.csr.pem in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIChTCCAiqgAwIBAgIFAN6tvu8wCgYIKoZIzj0EAwIwcjELMAkGA1UEBhMCR0Ix
DzANBgNVBAgTBkxvbmRvbjEPMA0GA1UEBxMGTG9uZG9uMQ8wDQYDVQQKEwZHb29n
bGUxDDAKBgNVBAsTA0VuZzEiMCAGA1UEAxMZRmFrZUludGVybWVkaWF0ZUF1dGhv
cml0eTAeFw0xNjEyMDcxNTEzMzZaFw0yNDAxMjAxNTEzMzZaMFYxCzAJBgNVBAYT
AkdCMQ8wDQYDVQQIDAZMb25kb24xDzANBgNVBAoMBkdvb2dsZTEMMAoGA1UECwwD
RW5nMRcwFQYDVQQDDA5sZWFmMDEuY3NyLnBlbTBZMBMGByqGSM49AgEGCCqGSM49
AwEHA0IABOs3TlJFnEbVqLjF7Vi5MCmmcIppoCZcni9uuGsjbIThRjqYNoJEpYoX
i0GCMvQt4Ahbfgc4UvxHVignm+1gi6yjgcgwgcUwDwYDVR0PAQH/BAUDAwf5gDCB
iwYDVR0OBIGDBIGAPx57aZFI2ksdMKgDNitwBP5wd5NdsZ/oX9i2MGbGnYYFrGnI
btAQg4FJypJOAAI+XWulfdCFeF3DlL30/5+VEkkD3r97duOGZyXQAbgvhGr5j9s3
qd6kQixS/myqGPeAk/Di84smpS8qF8ZbsJdvFZ/nauEE2r1lR3V2Nrsi9/AwDwYD
VR0jBAgwBoAEAQIDBDATBgorBgEEAdZ5AgQDAQH/BAIFADAKBggqhkjOPQQDAgNJ
ADBGAiEArc/hhbiyaN6rNz23LJkkFCOzPkQAKVjrClvCzYIx+XgCIQChKerIzVVf
u5UOx0NUdB8TtMQElpaRFl192zsUp8Hg0w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6zdOUkWcRtWouMXtWLkwKaZwimmg
JlyeL264ayNshOFGOpg2gkSliheLQYIy9C3gCFt+BzhS/EdWKCeb7WCLrA==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3735928559
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Eng'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FakeIntermediateAuthority'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-07 15:13:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-20 15:13:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Google'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Eng'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'leaf01.csr.pem'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004eb374e52459c46d5a8b8c5ed58b93029a6708a69a0265c9e2f6eb86b236c84e1463a98368244a58a178b418232f42de0085b7e073852fc475628279bed608bac
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (5 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (9 bits)
							07f980
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (128 bytes)
							3f1e7b699148da4b1d30a803362b7004fe7077935db19fe85fd8b63066c69d8605ac69c86ed010838149ca924e00023e5d6ba57dd085785dc394bdf4ff9f95124903debf7b76e3866725d001b82f846af98fdb37a9dea4422c52fe6caa18f78093f0e2f38b26a52f2a17c65bb0976f159fe76ae104dabd6547757636bb22f7f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (8 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 01020304
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.2 (ecdsaWithSHA256)
 . . . . [c:0|t:3|false] BIT STRING (576 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 78617416645366000491782790862212554775284861816188067354982867519699634223480
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 72896429773820425308156736533444550925494551399624613859687120179424095494355