*.dec.ny.gov

- New York State Office for Technology -

Issued by GlobalSign Organization Validation CA - SHA256 - G2

About this certificate

This digital certificate with serial number 3b:11:52:5a:9f:bf:15:0c:f9:52:fd:e3 was issued on Tuesday Feb 19, 2019 at 5:21PM by GlobalSign nv-sa.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

We have idenified some issues with this certificate:

Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

New York State Office for Technology

Organization: New York State Office for Technology

State / Province: New York
Locality: Albany
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa

Country: BE

This certificate has expire since Wednesday Apr 7, 2021 at 2:11PM UTC

Certificate Details

Serial Number (hex): 3b:11:52:5a:9f:bf:15:0c:f9:52:fd:e3
Serial Number (int): 18280556224162312013548289507
Serial Number lenght: 94 bits, 12 octets

SubjectKeyId: 54:a4:9b:49:e3:64:ab:90:60:59:35:a1:51:18:a0:04:34:eb:c7:5b
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c

Fingerprint (sha1): 37:98:56:c8:dc:32:6c:b4:29:d5:73:11:e1:54:f8:8a:cd:c2:20:af
Fingerprint (sha256): 02:6e:a7:a0:83:34:25:eb:26:75:55:33:7b:df:0b:b0:92:d9:94:09:dd:1d:a1:59:2b:aa:0a:4f:42:01:71:3a

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

Check the revocation status for certificate *.dec.ny.gov

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.dec.ny.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

Fully Qualified Domain Names

*.dec.ny.gov

dec.ny.gov

*.dec.ny.gov
dec.ny.gov

Other certificates including the domain name ny.gov

(limited to 100 certificates)

www.tax.ny.gov
*.justicecenter.ny.gov
5638059940904960-fe3.pantheonsite.io
mail.cityofjohnstown.ny.gov
r4a10.osc.ny.gov
*.health.ny.gov
www.ciris.ny.gov
carpepm.almonds.com
5697124062724096-fe2.pantheonsite.io
5767917874446336-fe1.pantheonsite.io
*.hcr.ny.gov
5645914630782976-fe1.pantheonsite.io
5752571553644544-fe2.pantheonsite.io
el.nyserda.ny.gov
cjc.ny.gov
www.rev.ny.gov
5767917874446336-fe1.pantheonsite.io
5638059940904960-fe3.pantheonsite.io
*.health.ny.gov
tracs2.otda.ny.gov
ocra.omh.ny.gov
it.uahs.arizona.edu
learn.apps.loopstart.net
sni.cloudflaressl.com
int.sfs.ny.gov
recovery.dhses.ny.gov
www.tax.ny.gov
www.tax.ny.gov
5638059940904960-fe3.pantheonsite.io
Appcenter1.esd.ny.gov
5202656289095680-fe4.pantheonsite.io
5752571553644544-fe2.pantheonsite.io
*.hcr.ny.gov
www.perb.ny.gov
*.hcr.ny.gov
*.oagtest.ag.ny.gov
qasc.oft.ny.gov
bonds.hcr.ny.gov
*.opwdd.ny.gov
*.health.ny.gov
doccs-ndid.digital-dev.dmv.ny.gov
calendar.sdzsafaripark.org
devwebcloud.health.ny.gov
www.oscar.ny.gov
www.rev.ny.gov
dev.ag.ny.gov
youthworks.ny.gov
steuben911.ny.gov
APPS.OCFS.NY.GOV
recovery.dhses.ny.gov
mhprovider.qa.omh.ny.gov
vhc.wcb.ny.gov
*.dos.ny.gov
banking-business-review.com
cdn-test.battlefields.org
5752571553644544-fe2.pantheonsite.io
WestchesterCDPS.ny.gov
*.omh.ny.gov
GardenCity.ny.gov
citeak.multidevcom.uaf.edu
qa.my.ny.gov
booking.virtualhometour.sg
portwashingtonpd.ny.gov
r5a20.osc.ny.gov
fulton.ny.gov
ertfin.sfs.ny.gov
*.criminaljustice.ny.gov
cortlandcounty.ny.gov
uihp2.labor.ny.gov
5697124062724096-fe2.pantheonsite.io
hcstgbi.osc.ny.gov
applications.labor.ny.gov
www2.dps.ny.gov
DOCCS-Submetering.BMS.ny.gov
chns120.courseresource.yale.edu
my.justicecenter.ny.gov
*.dec.ny.gov
bonds.hcr.ny.gov
*.troopers.ny.gov
5202656289095680-fe4.pantheonsite.io
vpcr-qa.justicecenter.ny.gov
data.ny.gov
ccf.ny.gov
*.ocfs.ny.gov
vhc.wcb.ny.gov
dmna.ny.gov
qa-ldap.ny.gov
pay-92qanyspows.osc.ny.gov
online.ogs.ny.gov
nystateofhealth.ny.gov
5202656289095680-fe4.pantheonsite.io
www7f.tax.ny.gov
labor.ny.gov
allegany.ny.gov
vpn3.dfs.ny.gov
RAVPN.FRG.NY.GOV
qasc.oft.ny.gov
sni.cloudflaressl.com
ihstgi.osc.ny.gov
*.budget.ny.gov

Certificate

The complete raw certificate details for *.dec.ny.gov in PEM and ASN.1 format.

Certificate (PEM)

Public Key (PEM)

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 18280556224162312013548289507
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-19 17:21:12 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-07 14:11:06 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Albany'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York State Office for Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.dec.ny.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21807304037441676239394166387851618735455349630623346981588483611643561393705448550755401412214120848881548485941023136137774083576212787435454910575331882555319055895959723635974681983057112279862161007107628669848683171642081410823880094664195484152236441880596145649768397460124990142856699295458360645242647499007269606701716038156842745830985948706028687356649234320956191804495009842392599759404856699084869522881639385487974964744027536455836082728846504875755266733227919314911131899036001139310736636126376563635615317368514185053184825815774369262981794698940142156710964972981809574461567118209197953557541
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dec.ny.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dec.ny.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							54a49b49e364ab90605935a15118a00434ebc75b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016906c6a084000004030046304402203f44a9f74a17aaac53dcb814a86a26b1bd15f4a3e737e2d0411017b1f679ad90022038b8d46886d0f37c664fed77562a0e545ca6684c937ff725039d0dfd40d9a1a30076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016906c6a09e0000040300473045022100d3be85b293cb482896fcc2341eb4781cbc80b13c8b106804677c5cd81bd07639022079e1bef02becd64f6e2ba4b508a1feb20abb7c6efdd941b9e18801bf748e06d6007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016906c6a0730000040300483046022100e13b3260ce58af94b0878e2d00f230fdf0c5c2cf10d8849d773888744fa02be2022100d8e572d8ea0454c00ceea8255e953dddaf8054f36af6872157a32398a23a1ff9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006dcc12e159665cdc9ba8d56b97706f6129343035afd2342808112b6867b8b5bb1c2fa5821afd61f771dbf23acd2b53e4eb9cdf84905688506d3df4b46b5e21770b80ca42e4075970ecc342ca81c44b10411c1660838d8bae6d3a25c52aa506fce45e36916873b292b979aa9d37534edb624b9a3941011071ea3bb2c2260296e8b2c3847dac6fa6c279803e10f4bee5222083d122155864e496f77bfeea8fd63de8105e6d57c9949adbed8455cbce2f6a82f13c654a17f0a59a37e00882726be2e561537babcc50278e899be673399b018ccd0cf95f1a2375117523d31cdb93cb076410bb933a016e64c1388d5260bd3f19a24515fb7d24ffa8d40ee003605a71