Certificate for Default SSL Certificate

Certificate has expired

Issued by itself (self-signed)

About the Default SSL Certificate Certificate

This certificate with serial number 54:3f:86:95:00:0c:88:04 for Default SSL Certificate was issued on by itself (self-signed).

This Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this Certificate review for Default SSL Certificate provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Subscriber certificates MUST contain the Subject Alternate Name extension (BRs: 7.1.4.2.1)
  • Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
  • Subscriber Certificate: authorityInformationAccess MUST be present. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
  • The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Default SSL Certificate

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 54:3f:86:95:00:0c:88:04
Serial Number (int): 6070718797227788292
Serial Number Length: 63 bits, 8 octets

Subject Key Identifier:
Authority Key Identifier:

Fingerprint (SHA-1): 36:18:6d:69:3e:f9:10:05:b2:36:82:e3:6b:1c:69:98:04:bd:cf:6e
Fingerprint (SHA-256): 4f:b4:c8:73:d6:42:21:7d:b7:28:36:40:8a:b7:e9:7e:3a:ec:cf:39:ae:a9:54:ee:17:f6:cc:a4:6e:08:18:2d


Revocation Information


Check the revocation status for certificate Default SSL Certificate
0
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for Default SSL Certificate

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
None
Extended Key Usages
Server Authentication
Client Authentication
Extensions
2
CA Certificate
This is not a CA certificate

Subject Alternative Names

This X.509 certificate doesn't contain any subject alternative names.

X.509 Certificate

The complete raw X.509 certificate details for Default SSL Certificate in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIC9TCCAd2gAwIBAgIIVD+GlQAMiAQwDQYJKoZIhvcNAQELBQAwIjEgMB4GA1UE
AwwXRGVmYXVsdCBTU0wgQ2VydGlmaWNhdGUwHhcNMTQxMDE2MDg0OTI1WhcNMTcx
MDE1MDg0OTI1WjAiMSAwHgYDVQQDDBdEZWZhdWx0IFNTTCBDZXJ0aWZpY2F0ZTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALVb8c98RcwUuvmTLghWHx84
d97PpdIYdzSwdYys2+yJYc9asDKV4BKPIPRzVYXsY048kof9rnI/ORqv+lrNJs8P
6tEU3r2YhJ5E5XAA+wSEsheUtCzm9kUl65BcTMOZEzxgaevttSfqlHvLMWGsdlGA
eRh7lMbHheygC1gvkQGqIp74l4rxHe+GO8f+14uP0vIUDZzzkRdM2RI5J3kU53Md
stG4/0JqzQ0tejcNJWswLVeXbetQuVOjgQln3/W1znAgZk+oJerNCYB6WzSUUekh
XGqfwrL7ktLAdHLHU8OjLritidlFQULFEGGpBU3CUcsrzHSBwqIrlrxZ5jyi4i0C
AwEAAaMvMC0wDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDQYJKoZIhvcNAQELBQADggEBAG+ZqtGamkImdVX/aTkjzgl2gKNRSX/k
pWc8cxCx95J8RYNWnaHA9yWcRLmNT3jL1ln5gpDWC+7Ps44XI8C4CiGZfTENPJFO
61oi7bARG+IpDkGJV4K6KFpFJBogX0RN2DhyKNIs4t1miT9JP8QMh8TsndiIMsdD
RLHaSlFtY/81Mof2U22Ga6T6/mBvlycBK4bviJ2vfBFG7SqSpDlHFR8X+ni2RrL6
tQ8NaK9TYgqS+JoKIHSHl5oPPmdndIBXwLhSwqdeCxk1XWIf1Qgn6MnPWbJ0wdqS
i3udUY34/E+TdRdRI5jndAp9jRCHWHWKgcmXD2YVqyL6+w8vBqtZzTE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVvxz3xFzBS6+ZMuCFYf
Hzh33s+l0hh3NLB1jKzb7Ilhz1qwMpXgEo8g9HNVhexjTjySh/2ucj85Gq/6Ws0m
zw/q0RTevZiEnkTlcAD7BISyF5S0LOb2RSXrkFxMw5kTPGBp6+21J+qUe8sxYax2
UYB5GHuUxseF7KALWC+RAaoinviXivEd74Y7x/7Xi4/S8hQNnPORF0zZEjkneRTn
cx2y0bj/QmrNDS16Nw0lazAtV5dt61C5U6OBCWff9bXOcCBmT6gl6s0JgHpbNJRR
6SFcap/CsvuS0sB0csdTw6MuuK2J2UVBQsUQYakFTcJRyyvMdIHCoiuWvFnmPKLi
LQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6070718797227788292
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Default SSL Certificate'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-10-16 08:49:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-15 08:49:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Default SSL Certificate'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22894472757250011569015037165187636301488840064229392809192825962351316963038177153115334432175102923224664861064840863311412962919964293702794650721085686477612322258337813684680523762358101747931065206106639200764040020482286672191484768215499370374410544089369957591824187650732154021937516551533558548139146639424531527714720984237254652512972435096402319446373704215348097182597163541557019844098356401471305807930220865401932153111205121447901001707538886512722602508558946404424769018597136306850131144830474371295578760626850748953626617555722091432825180448933506757256337437477352379433473439970818248598061
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006f99aad19a9a42267555ff693923ce097680a351497fe4a5673c7310b1f7927c4583569da1c0f7259c44b98d4f78cbd659f98290d60beecfb38e1723c0b80a21997d310d3c914eeb5a22edb0111be2290e41895782ba285a45241a205f444dd8387228d22ce2dd66893f493fc40c87c4ec9dd88832c74344b1da4a516d63ff353287f6536d866ba4fafe606f9727012b86ef889daf7c1146ed2a92a43947151f17fa78b646b2fab50f0d68af53620a92f89a0a207487979a0f3e6767748057c0b852c2a75e0b19355d621fd50827e8c9cf59b274c1da928b7b9d518df8fc4f937517512398e7740a7d8d108758758a81c9970f6615ab22fafb0f2f06ab59cd31