rhein-kolleg.de

Issued by Symantec Basic DV SSL CA - G2

About this certificate

This digital certificate with serial number 12:91:fd:65:eb:6b:1d:c8:1c:0a:45:37:98:52:02:55 was issued on by Symantec Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

rhein-kolleg.de

Symantec Corporation

Organization: Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 12:91:fd:65:eb:6b:1d:c8:1c:0a:45:37:98:52:02:55
Serial Number (int): 24684126493148646542432982576846209621
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: ca:ac:5d:e1:90:2f:f1:ef:8c:d4:9f:35:01:e1:01:3b:a0:ce:c1:77

Fingerprint (sha1): 7f:86:8d:24:90:ff:4c:e1:4e:da:a3:c8:c1:0c:a2:16:0b:ec:1e:53
Fingerprint (sha256): 00:18:4b:f5:e4:c9:48:9f:0d:99:28:92:ec:b9:1f:d4:ff:20:7d:b0:a5:4c:62:10:2f:d7:30:d4:59:fb:0a:8c

Issuing Certificate URL: http://hd.symcb.com/hd.crt

Revocation information

OCSP Server: http://hd.symcd.com

Check the revocation status for certificate rhein-kolleg.de

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rhein-kolleg.de


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rhein-kolleg.de
www.rhein-kolleg.de

Certificate

The complete raw certificate details for rhein-kolleg.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIQEpH9ZetrHcgcCkU3mFICVTANBgkqhkiG9w0BAQsFADCB
lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4g
VmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENB
IC0gRzIwHhcNMTcwMzE3MDAwMDAwWhcNMTgwMzE3MjM1OTU5WjAaMRgwFgYDVQQD
DA9yaGVpbi1rb2xsZWcuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgYvtXSuZgHOkOHsJM5Ke3zWHzzqBvOzeLga/prhjCD9n6CcyNcvdKoXMjKEVF
6ji3XCVSTLLnPAw8GFV/+vbiLhTSF9wnY0sLWLpwZmNnj7Q817lJ42dYtP6vGEpg
ar1+7b/4y45vAeX2VP0nHYf7VdZCLFgC4pLq+uqARtr/BrFh+x11m3fmp/Epaki1
o4avBamMdDHvwvcqpZOKntP2/HtEVCZgcLwXXs4D3mmIPleGmgK/vG5+p7/kuZlA
6wFB8/8SxXkqLYlCUICYgqHYQNnxaV03BeT/WKuL17kiEOXWef1IwFJYYelGWuIH
L4qIrGufyUuEjjjUmfbn5X+JAgMBAAGjggJTMIICTzAvBgNVHREEKDAmgg9yaGVp
bi1rb2xsZWcuZGWCE3d3dy5yaGVpbi1rb2xsZWcuZGUwCQYDVR0TBAIwADBhBgNV
HSAEWjBYMFYGBmeBDAECATBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2Iu
Y29tL2NwczAlBggrBgEFBQcCAjAZDBdodHRwczovL2Quc3ltY2IuY29tL3JwYTAf
BgNVHSMEGDAWgBTKrF3hkC/x74zUnzUB4QE7oM7BdzAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAf
BggrBgEFBQcwAYYTaHR0cDovL2hkLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0
cDovL2hkLnN5bWNiLmNvbS9oZC5jcnQwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8A
dQDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVrbdEsCAAAEAwBG
MEQCICP4RwWBB2+yqQ10GBSYtfc08ObYz7dKF2Zp+zjV5zUOAiAFKIKYU45wgmIn
O7PrzlzSiSAeYjvinACgF40/gPhofAB2AKS5CZC0GFgUh7sTosxncAo8NZgE+Rvf
uON3zQ7IDdwQAAABWtt0Sx0AAAQDAEcwRQIhAIqlyM2Tjv+KCe1W/kcxUipuDoiQ
F/WU4i9ro5bEtusFAiAKTFs+8GPCgY2LsQWbCMpJwXzROrGwk1FAerjYir3+5DAN
BgkqhkiG9w0BAQsFAAOCAQEAbbcWe+YCCell/U3BMJkLHX8A9Whd/ZuBA1Kae2R8
4TT50dIdpumglMigPGWrB4QK0FcENLtaeck2r80TrGsXsuMkzzJ0sOPPnB0CKIyB
sb1mb0GGVCFP9fS6MeTxFz5ds0hRF6Pnb0arg9QJAt9Hor9N2cr3xlTyVT1W2OQt
dNpTyBthOTyw8QRUZKIB0FPjPaeoLZw+qDlauWJ2uAyENwPsAcbhkcjD9RMk/gwI
DG3LkQKapCa10ql8pzLe42K8cGtRf3PgrrxxzxPCMu3CmFRonCnHBtSGJyBoV+K/
bMB0+/XtEK4C+5xLJmmJ060QiyeHib3oqmXCX54C+vNGow==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGL7V0rmYBzpDh7CTOSn
t81h886gbzs3i4Gv6a4Ywg/Z+gnMjXL3SqFzIyhFReo4t1wlUkyy5zwMPBhVf/r2
4i4U0hfcJ2NLC1i6cGZjZ4+0PNe5SeNnWLT+rxhKYGq9fu2/+MuObwHl9lT9Jx2H
+1XWQixYAuKS6vrqgEba/waxYfsddZt35qfxKWpItaOGrwWpjHQx78L3KqWTip7T
9vx7RFQmYHC8F17OA95piD5XhpoCv7xufqe/5LmZQOsBQfP/EsV5Ki2JQlCAmIKh
2EDZ8WldNwXk/1iri9e5IhDl1nn9SMBSWGHpRlriBy+KiKxrn8lLhI441Jn25+V/
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 24684126493148646542432982576846209621
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Basic DV SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'rhein-kolleg.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20246938539672977259065555365465474957106266711314280113563480446667287378506014266607534257540423825065667199900349337762000309708524631377038277797218059708647532208697412579955596719987195136597150276673761513364830629698734349435938110137586262135216583686805405398238905160452268792660066973435163976528082918795185631183333600090045907530228244428107304262127900901524062411774414814707257142172791607816720680589504965399199254161662532572468017739735378097711098424205447126454923619755640331831294641795646682769514400167282359937120937959009325454253152063222558175893475115457945928826928714462868416069513
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rhein-kolleg.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rhein-kolleg.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName caac5de1902ff1ef8cd49f3501e1013ba0cec177
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcb.com/hd.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015adb744b020000040300463044022023f8470581076fb2a90d74181498b5f734f0e6d8cfb74a176669fb38d5e7350e022005288298538e708262273bb3ebce5cd289201e623be29c00a0178d3f80f8687c007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015adb744b1d00000403004730450221008aa5c8cd938eff8a09ed56fe4731522a6e0e889017f594e22f6ba396c4b6eb0502200a4c5b3ef063c2818d8bb1059b08ca49c17cd13ab1b09351407ab8d88abdfee4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006db7167be60209e965fd4dc130990b1d7f00f5685dfd9b8103529a7b647ce134f9d1d21da6e9a094c8a03c65ab07840ad0570434bb5a79c936afcd13ac6b17b2e324cf3274b0e3cf9c1d02288c81b1bd666f418654214ff5f4ba31e4f1173e5db3485117a3e76f46ab83d40902df47a2bf4dd9caf7c654f2553d56d8e42d74da53c81b61393cb0f1045464a201d053e33da7a82d9c3ea8395ab96276b80c843703ec01c6e191c8c3f51324fe0c080c6dcb91029aa426b5d2a97ca732dee362bc706b517f73e0aebc71cf13c232edc29854689c29c706d48627206857e2bf6cc074fbf5ed10ae02fb9c4b266989d3ad108b278789bde8aa65c25f9e02faf346a3