www.bielkine.de
Issued by STRATO SSL - G2
About this certificate
This digital certificate with serial number 27:f5 was issued on by STRATO AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.bielkine.de,OU=STRATO SSL+OU=Domain Control Validated
STRATO AG
Organization:
STRATO AG
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 27:f5Serial Number (int): 10229
Serial Number lenght: 14 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: 0f:fb:84:42:71:6f:32:aa:27:fa:07:44:49:2a:ad:68:33:63:02:12
Fingerprint (sha1): 05:29:e8:fc:c5:20:ed:d5:c5:8b:61:21:1d:c6:4e:06:36:17:65:5d
Fingerprint (sha256): 00:3b:36:75:f2:6d:a6:2f:85:55:e7:d5:5c:c1:8b:d2:19:82:29:10:85:e6:cb:dd:be:36:0a:f8:e0:71:46:c0
Issuing Certificate URL: http://strato-aia.digitalcertvalidation.com/stratog2.crt
Revocation information
OCSP Server: http://strato-ocsp.digitalcertvalidation.comCRL Distribution Point: http://strato-crl.digitalcertvalidation.com/crls/stratog2.crl
Check the revocation status for certificate www.bielkine.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.bielkine.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.bielkine.de
bielkine.de
bielkine.de
Other certificates including the domain name bielkine.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.bielkine.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICJ/UwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCREUx EjAQBgNVBAoTCVNUUkFUTyBBRzEdMBsGA1UECxMURG9tYWluIFZhbGlkYXRlZCBT U0wxGDAWBgNVBAMTD1NUUkFUTyBTU0wgLSBHMjAeFw0xNjAxMjAwMTE1MDBaFw0x NzAyMjEwNTExMTJaMFIxEzARBgNVBAsTClNUUkFUTyBTU0wxITAfBgNVBAsTGERv bWFpbiBDb250cm9sIFZhbGlkYXRlZDEYMBYGA1UEAxMPd3d3LmJpZWxraW5lLmRl MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE2yTFTQ+4+tKjO39bQm ca1mgydsJj3rk1H6jON0a2+Cuv5g9aNK7RA43iBdJXUaqmK0onuzdN4MREhLknID rH+cHlwB/3IpWyDW7vySbj0t0VMR9QaGIBgfmsxDrCiCnhcvEeJTr48FZo7KqHxk LD7qLosq11X9KBweU4VfLc6RaclEgQlATt3prLKqQOsm8xfds9mQ/2E3KwX4PzOL KY8XISxawRJcKlu+pOZVPEgR8LwdSFsCzC0SvKUfCk2mSLq08LjPXcCU6Wp3Uznt Xfp4cRH8e0Tz38XX5EQV62v4nbA/KxsW6nVVre4tJg29cRwpxZjz7DOFd9LBVGin xwIDAQABo4IBxjCCAcIwHwYDVR0jBBgwFoAUD/uEQnFvMqon+gdESSqtaDNjAhIw gZAGCCsGAQUFBwEBBIGDMIGAMDgGCCsGAQUFBzABhixodHRwOi8vc3RyYXRvLW9j c3AuZGlnaXRhbGNlcnR2YWxpZGF0aW9uLmNvbTBEBggrBgEFBQcwAoY4aHR0cDov L3N0cmF0by1haWEuZGlnaXRhbGNlcnR2YWxpZGF0aW9uLmNvbS9zdHJhdG9nMi5j cnQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjAnBgNVHREEIDAegg93d3cuYmllbGtpbmUuZGWCC2JpZWxraW5lLmRlME4GA1Ud HwRHMEUwQ6BBoD+GPWh0dHA6Ly9zdHJhdG8tY3JsLmRpZ2l0YWxjZXJ0dmFsaWRh dGlvbi5jb20vY3Jscy9zdHJhdG9nMi5jcmwwDAYDVR0TAQH/BAIwADBWBgNVHSAE TzBNMEsGBmeBDAECATBBMD8GCCsGAQUFBwIBFjNodHRwczovL3d3dy5nZW90cnVz dC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwDQYJKoZIhvcNAQELBQAD ggEBAEFsNYLUPAqaB90G9oo5gEn4kQ0ZtN7wW2zBqUSxeEz/Z9BK7VPcYAKGqF16 HE7xntDp47SDopSdFJBc0hdaG4Z/h9SABYu7YcagKDGB8Wc0KaMAnHKe2j0RuoM2 wuFQ/Y5kqNd06Rt+mS7btWGLBu81EKWKE3CIatOrMyJUmMcVLGBECQzB1gafFSg5 crahfdG8SA5o7LtkhWZNEVySN++FnaQdUJyu6sDRU17YyXSWcd6EdOVuDnGaW6BH 78C9yBtP2RDSWDC8CUUzqy+aAvG5s4XLcNLbhnz7OCFnKwKduNWt5G9LrDNRasPA 8OoS98Q7RFOe6wbo+stW5LCNHYc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE2yTFTQ+4+tKjO39bQm ca1mgydsJj3rk1H6jON0a2+Cuv5g9aNK7RA43iBdJXUaqmK0onuzdN4MREhLknID rH+cHlwB/3IpWyDW7vySbj0t0VMR9QaGIBgfmsxDrCiCnhcvEeJTr48FZo7KqHxk LD7qLosq11X9KBweU4VfLc6RaclEgQlATt3prLKqQOsm8xfds9mQ/2E3KwX4PzOL KY8XISxawRJcKlu+pOZVPEgR8LwdSFsCzC0SvKUfCk2mSLq08LjPXcCU6Wp3Uznt Xfp4cRH8e0Tz38XX5EQV62v4nbA/KxsW6nVVre4tJg29cRwpxZjz7DOFd9LBVGin xwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10229 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'STRATO AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'STRATO SSL - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-20 01:15:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-21 05:11:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'STRATO SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.bielkine.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20236442355454215801574648943143660884414838039026515249427387712832600037010845255192250114782873111454518838622127928457462827327403553755426696224815211309272405323107707206846574221882224951074042125635377592337366739562862194352983534906474663850763313711672599947372119952283022022334446455815858853378889278451229212605032357320235736447729611514396438336522573420563468139335574769813851567953155903246551275102698915231217569581184672241381610092534562055066423195068194674508311401457554432107194322419022051187042413108150912060685799979120261574471683286079036995551838651245077772182451854310830798055367 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0ffb8442716f32aa27fa0744492aad6833630212 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://strato-ocsp.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://strato-aia.digitalcertvalidation.com/stratog2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bielkine.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bielkine.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://strato-crl.digitalcertvalidation.com/crls/stratog2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00416c3582d43c0a9a07dd06f68a398049f8910d19b4def05b6cc1a944b1784cff67d04aed53dc600286a85d7a1c4ef19ed0e9e3b483a2949d14905cd2175a1b867f87d480058bbb61c6a0283181f1673429a3009c729eda3d11ba8336c2e150fd8e64a8d774e91b7e992edbb5618b06ef3510a58a1370886ad3ab33225498c7152c6044090cc1d6069f15283972b6a17dd1bc480e68ecbb6485664d115c9237ef859da41d509caeeac0d1535ed8c9749671de8474e56e0e719a5ba047efc0bdc81b4fd910d25830bc094533ab2f9a02f1b9b385cb70d2db867cfb3821672b029db8d5ade46f4bac33516ac3c0f0ea12f7c43b44539eeb06e8facb56e4b08d1d87