DV SSL/TLS Certificate for gescont.cnt.br

Certificate is witin its validity period

Issued by Google Trust Services (WR1)

About the gescont.cnt.br DV SSL/TLS Certificate

This certificate with serial number a5:9a:e4:32:d6:ef:4b:6d:0d:d0:4f:ab:8b:f3:b0:ad for gescont.cnt.br was issued on by Google Trust Services.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for gescont.cnt.br provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Google Trust Services

Organization: Google Trust Services
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): a5:9a:e4:32:d6:ef:4b:6d:0d:d0:4f:ab:8b:f3:b0:ad
Serial Number (int): 220126861438042322339827844484892438701
Serial Number Length: 128 bits, 16 octets

Subject Key Identifier: d8:03:b9:65:cb:89:de:7e:2c:02:c7:45:ae:22:d5:bb:65:27:c7:02
Authority Key Identifier: 66:69:49:d4:de:2a:9c:91:03:cf:89:0e:24:b8:0e:30:03:6e:88:2e

Fingerprint (SHA-1): f0:d7:66:41:6b:e8:cc:4a:db:b8:bc:1b:6c:ec:8b:a5:a6:44:57:c4
Fingerprint (SHA-256): 48:b5:2c:2f:ab:7f:a9:d3:b2:59:49:73:d5:ab:5f:13:bd:3a:87:af:07:49:71:9f:ce:fa:e5:1e:93:1a:8d:c4

Issuing Certificate URL: http://i.pki.goog/wr1.crt

Revocation Information

OCSP Server: http://o.pki.goog/s/wr1/pZo
CRL Distribution Point: http://c.pki.goog/wr1/bg-a-G1ME_s.crl

Check the revocation status for certificate gescont.cnt.br
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for gescont.cnt.br

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for gescont.cnt.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIRAKWa5DLW70ttDdBPq4vzsK0wDQYJKoZIhvcNAQELBQAw
OzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczEM
MAoGA1UEAxMDV1IxMB4XDTI1MDYwMzAxNDkwN1oXDTI1MDkwMTAxNDkwNlowGTEX
MBUGA1UEAxMOZ2VzY29udC5jbnQuYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDFaJ+C17dQIYahbWLsxw8pM/uRa95K67yY+5KIlnyDLkKTnAYNNp8A
2/hDDjLaUUh8OTsfNDm1mczzwrLPVpTFYlUXn/PE2SjKpp+FtxlbRGeAgzQ0sTPb
tNAuqQ+UJ2YzzXaZZjG6muyVf9o9vVTm0pFEbFVGhdjPEoRHPj+M/vS+MFGtiblN
2LG8/s5qIZsQL5yLvVGoECabMOsAc1gdEYbuzd9aRjLDr3aORbHQfAs/Lc9ZKR8s
AhSxbyZm1U6cLdPA+/co0EFSTmzI3XEx/l0ahKxxIP5kNLfOvjYkpGzxTBV/fmzV
Pf0MS1E7TtAvT4FOZbrfF3I65nIMw2YPAgMBAAGjggJcMIICWDAOBgNVHQ8BAf8E
BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQU2AO5ZcuJ3n4sAsdFriLVu2UnxwIwHwYDVR0jBBgwFoAUZmlJ1N4qnJEDz4kO
JLgOMANuiC4wXgYIKwYBBQUHAQEEUjBQMCcGCCsGAQUFBzABhhtodHRwOi8vby5w
a2kuZ29vZy9zL3dyMS9wWm8wJQYIKwYBBQUHMAKGGWh0dHA6Ly9pLnBraS5nb29n
L3dyMS5jcnQwLQYDVR0RBCYwJIIOZ2VzY29udC5jbnQuYnKCEnd3dy5nZXNjb250
LmNudC5icjATBgNVHSAEDDAKMAgGBmeBDAECATA2BgNVHR8ELzAtMCugKaAnhiVo
dHRwOi8vYy5wa2kuZ29vZy93cjEvYmctYS1HMU1FX3MuY3JsMIIBBQYKKwYBBAHW
eQIEAgSB9gSB8wDxAHcA3dzKNJXX4RYF55Uy+sef+D0cUN/bADoUEnYKLKy7yCoA
AAGXM7FSGgAABAMASDBGAiEAgTaVYYD2vv8hvQcWR5zCcjmhuOW/+JYln7m1w+UO
HGUCIQDOiBoUWp24Te7GaMtGWGLtqXlFRluM41USb64Hcf6iIQB2AH1ZHhLheCp7
HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABlzOxUgsAAAQDAEcwRQIgEhLwk4pE
McLC6OJd6yManqkZPRpBsRVLS7fQC+ci6JQCIQCOxeIy2WLaqlZauqs8AwjQDhwZ
ELrHxSiB/oAClTKIlDANBgkqhkiG9w0BAQsFAAOCAQEAh869SIwDeabLTzFZu7S0
4Y9xiykrFAQ6TR1vabzO1ExoZQBxOQcyUuvjCnrXh5tMBUdA7p3Levc8ZrM5Cy7b
zYAZRLzFkLz9cewP4Oew8KQT2NsnqDNpq8eZCWwdm/Am5KIcK3KrmTWKR7US16Sc
8unMJs3zaLEofyiK8BjlltQGnEFP7g4V287UyhJhG08ca83VkWLb+98zEfyViS+8
DelXkAeGyrGwmZwoLTn2j2A4GJA60uofgNQFGIAvnIzE0gpXp5JkOTcq7Gf4YHgm
VFwlTwhag6mowFqwkQmsJxoVKJF6WfLpRTHR2ULCfJUFHz6E56AU5HJnq8/zdiqE
NA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWifgte3UCGGoW1i7McP
KTP7kWveSuu8mPuSiJZ8gy5Ck5wGDTafANv4Qw4y2lFIfDk7HzQ5tZnM88Kyz1aU
xWJVF5/zxNkoyqafhbcZW0RngIM0NLEz27TQLqkPlCdmM812mWYxuprslX/aPb1U
5tKRRGxVRoXYzxKERz4/jP70vjBRrYm5TdixvP7OaiGbEC+ci71RqBAmmzDrAHNY
HRGG7s3fWkYyw692jkWx0HwLPy3PWSkfLAIUsW8mZtVOnC3TwPv3KNBBUk5syN1x
Mf5dGoSscSD+ZDS3zr42JKRs8UwVf35s1T39DEtRO07QL0+BTmW63xdyOuZyDMNm
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 220126861438042322339827844484892438701
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WR1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-03 01:49:07 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-01 01:49:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gescont.cnt.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24920537646960046626845951784974187323530113672516047275559583642422879407565403110958927641370858257222918617996283490819814927537768009069312399041099711950890251367594455148395004157715936655578614428078101049983771773718159877409412097179995121862728280999030435758839608088534297984332528772142250513226711364111477004444323199436485409186300951480971845046615392262774030786512237800075326843972855321567964872122318516939005097624563658190226813331174043543192446503287800628082482273498434708387416719041537782904728860763782604796160726367699155876630688319244797392335684315257755838290998822602612773447183
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d803b965cb89de7e2c02c745ae22d5bb6527c702
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 666949d4de2a9c9103cf890e24b80e30036e882e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://o.pki.goog/s/wr1/pZo'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://i.pki.goog/wr1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gescont.cnt.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gescont.cnt.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://c.pki.goog/wr1/bg-a-G1ME_s.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019733b1521a00000403004830460221008136956180f6beff21bd0716479cc27239a1b8e5bff896259fb9b5c3e50e1c65022100ce881a145a9db84deec668cb465862eda97945465b8ce355126fae0771fea2210076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000019733b1520b000004030047304502201212f0938a4431c2c2e8e25deb231a9ea9193d1a41b1154b4bb7d00be722e8940221008ec5e232d962daaa565abaab3c0308d00e1c1910bac7c52881fe800295328894
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0087cebd488c0379a6cb4f3159bbb4b4e18f718b292b14043a4d1d6f69bcced44c6865007139073252ebe30a7ad7879b4c054740ee9dcb7af73c66b3390b2edbcd801944bcc590bcfd71ec0fe0e7b0f0a413d8db27a83369abc799096c1d9bf026e4a21c2b72ab99358a47b512d7a49cf2e9cc26cdf368b1287f288af018e596d4069c414fee0e15dbced4ca12611b4f1c6bcdd59162dbfbdf3311fc95892fbc0de957900786cab1b0999c282d39f68f603818903ad2ea1f80d40518802f9c8cc4d20a57a7926439372aec67f8607826545c254f085a83a9a8c05ab09109ac271a1528917a59f2e94531d1d942c27c95051f3e84e7a014e47267abcff3762a8434