ohi.com

Issued by Encryption Everywhere DV TLS CA - G2

About this certificate

This digital certificate with serial number 05:d8:7c:f6:da:21:55:9d:a1:b9:38:40:d3:13:85:64 was issued on by DigiCert Inc.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=ohi.com

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:d8:7c:f6:da:21:55:9d:a1:b9:38:40:d3:13:85:64
Serial Number (int): 7770210676794964450485018578363057508
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 02:90:0c:33:67:5d:b6:b4:cc:ab:ff:b2:bb:5b:dc:97:0b:ed:8d:f7
AuthorityKeyId: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6

Fingerprint (sha1): 55:e2:04:48:de:2c:a0:ac:d8:82:9e:b1:00:11:d7:40:79:01:bb:49
Fingerprint (sha256): 00:97:cd:24:d5:8c:f2:43:55:ab:bc:3a:b5:0d:a5:bc:0c:ac:58:80:77:24:ef:80:b2:81:af:34:b5:22:36:89

Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com

Check the revocation status for certificate ohi.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ohi.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ohi.com

Other certificates including the domain name ohi.com

(limited to 100 certificates)
ohi.com
marketplace.partnerpage.io
agencies.ecommerce-platforms.com
partners.ohi.com
agencies.ecommerce-platforms.com
tls.automattic.com
tls.automattic.com
tls.automattic.com
partners.ohi.com
apimodules.friggframework.org
apimodules.friggframework.org
marketplace.partnerpage.io
tls.automattic.com
agencies.ecommerce-platforms.com
tls.automattic.com
marketplace.partnerpage.io
marketplace.partnerpage.io
tls.automattic.com
tls.automattic.com
marketplace.partnerpage.io
marketplace.partnerpage.io
marketplace.partnerpage.io
api.ohi.com
api.ohi.com
agencies.ecommerce-platforms.com
tls.automattic.com
marketplace.partnerpage.io
marketplace.partnerpage.io
tls.automattic.com
marketplace.partnerpage.io

Certificate

The complete raw certificate details for ohi.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgIQBdh89tohVZ2huThA0xOFZDANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzIwHhcNMjQwMzI4MDAwMDAwWhcNMjUwMzI3MjM1OTU5WjAS
MRAwDgYDVQQDEwdvaGkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtWJ4Ry7SXhJCyejARp5JQS5H/6c0xiFWBRSze6cZY9sEzPSBShIJUuQfSXon
H1dyvNuqkmk9bxG6xI5JIboKNGytuDY1OCpqCb15PX53qXOli6GMkjGN2PdquOcz
Jc+VZdedKVqGFDxGigD6f9f1G59BDi5HuIXLVyTbIP/HQ2C2cPKkQ+UpKKDLiG70
mquNCqKTH9CSqkY9sYMTvHKJyH8KGtFNnEnjL5iLn37DcjfEEb8K+nM87R8YBodd
1cvnKzGnBNt+CXnfgsxY3Rs18K8oKVWgtcvX7qnQCL+MIE12wFgWloohMsTP2KsE
kTpvqL5IE5lwShRXEyrrx4CFfwIDAQABo4IC2TCCAtUwHwYDVR0jBBgwFoAUeN+R
kF/u3qz2xXXr1UxVU+8kSrYwHQYDVR0OBBYEFAKQDDNnXba0zKv/srtb3JcL7Y33
MBIGA1UdEQQLMAmCB29oaS5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggr
BgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgYAGCCsGAQUFBwEB
BHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEoGCCsG
AQUFBzAChj5odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRW5jcnlwdGlvbkV2
ZXJ5d2hlcmVEVlRMU0NBLUcyLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHW
eQIEAgSCAW0EggFpAWcAdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo5
3wAAAY6E66wLAAAEAwBGMEQCIDqC2e+MVqPtii/GlGfQ2oBoPGVbjqgDePrFg04E
4T4pAiAv2C1Q9c2lskmqH8mBthx76KUi4bxaZEfz3fMNfk4/ngB2AH1ZHhLheCp7
HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjoTrrFAAAAQDAEcwRQIhAJSJQoOI
nBPCk5Dy1Vy1juRj6AbshTQGbqmOqux/4W1KAiBqe1Tyt+4id45ft3vtmMc9Ttz5
wdSKdv4/Dvs+9WcIcwB2AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45Q
AAABjoTrrFkAAAQDAEcwRQIhALmYWKLshX1YX6nMLmuGUNtOQL3bJxVtUAznpa77
B5zRAiBHQYScT8HtNc1PLzwMrldC0Dht7vrqKC9qNdEObz/c8DANBgkqhkiG9w0B
AQsFAAOCAQEAmsxsKED1M/Vvo/3ksy0ttDSPLV8ypIxY2Sd88yUZf1f/UZdy7cIT
rl3jEt/5AL/n3ua8b7io52/7rT6RKdst3ctyr1Ty4okzj9Uc5BiBZ7i7N23gpsfc
KCS70GqF5k7QxDmDQdsb0Q6Suwg+WPkhyQUMKwGa+5mzpoEDdRo69cuna4rwDNyQ
MKsbFbd4emXr/m6jeixMv2BTO7PnCq3Gvk1CsrfRC2rUqohYpMUh85Ivk/zAS0Cv
emg9e91j7DJlquBUeCHLc8yndq0/rDSjOSax1PDWVND2F6C/6/gjc2IPXiHK0r+K
ZSZfvsfbIwV5ZBXqy/NSPzexGR8zIYxkmg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWJ4Ry7SXhJCyejARp5J
QS5H/6c0xiFWBRSze6cZY9sEzPSBShIJUuQfSXonH1dyvNuqkmk9bxG6xI5JIboK
NGytuDY1OCpqCb15PX53qXOli6GMkjGN2PdquOczJc+VZdedKVqGFDxGigD6f9f1
G59BDi5HuIXLVyTbIP/HQ2C2cPKkQ+UpKKDLiG70mquNCqKTH9CSqkY9sYMTvHKJ
yH8KGtFNnEnjL5iLn37DcjfEEb8K+nM87R8YBodd1cvnKzGnBNt+CXnfgsxY3Rs1
8K8oKVWgtcvX7qnQCL+MIE12wFgWloohMsTP2KsEkTpvqL5IE5lwShRXEyrrx4CF
fwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7770210676794964450485018578363057508
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ohi.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22897690484824313787364665325911318520131581092556079552994562119280621695504469103189672884235174338363943427640754797391812808142553117958742331123803830050141400394039510960755051936243130856339504663746419773215010228718046814647582800995506826728579286550547517461485975041125945467655847863442663059431349219810650783462432198891509801079513310871728709441736889791453078055631511518643291321390148454269639022191569504709605297937895167470493036209192310964618893980839276309489989673862932253652648687483556137733243806442135867409865734511596235633317259685749536411962247955403285073231385207638506921297279
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							02900c33675db6b4ccabffb2bb5bdc970bed8df7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (11 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ohi.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e84ebac0b000004030046304402203a82d9ef8c56a3ed8a2fc69467d0da80683c655b8ea80378fac5834e04e13e2902202fd82d50f5cda5b249aa1fc981b61c7be8a522e1bc5a6447f3ddf30d7e4e3f9e0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e84ebac50000004030047304502210094894283889c13c29390f2d55cb58ee463e806ec8534066ea98eaaec7fe16d4a02206a7b54f2b7ee22778e5fb77bed98c73d4edcf9c1d48a76fe3f0efb3ef5670873007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e84ebac590000040300473045022100b99858a2ec857d585fa9cc2e6b8650db4e40bddb27156d500ce7a5aefb079cd102204741849c4fc1ed35cd4f2f3c0cae5742d0386deefaea282f6a35d10e6f3fdcf0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009acc6c2840f533f56fa3fde4b32d2db4348f2d5f32a48c58d9277cf325197f57ff519772edc213ae5de312dff900bfe7dee6bc6fb8a8e76ffbad3e9129db2dddcb72af54f2e289338fd51ce4188167b8bb376de0a6c7dc2824bbd06a85e64ed0c4398341db1bd10e92bb083e58f921c9050c2b019afb99b3a68103751a3af5cba76b8af00cdc9030ab1b15b7787a65ebfe6ea37a2c4cbf60533bb3e70aadc6be4d42b2b7d10b6ad4aa8858a4c521f3922f93fcc04b40af7a683d7bdd63ec3265aae0547821cb73cca776ad3fac34a33926b1d4f0d654d0f617a0bfebf82373620f5e21cad2bf8a65265fbec7db2305796415eacbf3523f37b1191f33218c649a