www1.sekoia.io

Issued by Gandi RSA Domain Validation Secure Server CA 3

About this certificate

This digital certificate with serial number 29:01:2f:ee:a7:11:5d:f3:91:f7:79:af:eb:c0:49:82 was issued on by Gandi.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www1.sekoia.io

Gandi

Organization: Gandi
Country: FR

This certificate will expire on

Certificate Details

Serial Number (hex): 29:01:2f:ee:a7:11:5d:f3:91:f7:79:af:eb:c0:49:82
Serial Number (int): 54504512305299127692364693964756896130
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 07:3c:75:9b:76:da:33:59:ea:b7:99:ac:b2:e2:a9:a9:27:d7:d3:2b
AuthorityKeyId: 81:11:92:de:66:32:a5:b0:5b:33:3d:65:43:85:fc:d4:04:2d:f1:ae

Fingerprint (sha1): 97:ef:c2:7c:db:99:7e:f7:f5:87:fd:cd:09:34:67:2e:df:5b:28:81
Fingerprint (sha256): 02:7d:c8:70:36:01:48:2a:79:a6:ac:c0:cb:4a:6b:13:02:ed:8b:cc:28:1b:31:35:7e:9b:5f:20:b2:43:e8:30

Issuing Certificate URL: http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate www1.sekoia.io

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www1.sekoia.io

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www1.sekoia.io

Other certificates including the domain name sekoia.io

(limited to 100 certificates)

Certificate

The complete raw certificate details for www1.sekoia.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFnTCCBAWgAwIBAgIQKQEv7qcRXfOR93mv68BJgjANBgkqhkiG9w0BAQwFADBW
MQswCQYDVQQGEwJGUjEOMAwGA1UEChMFR2FuZGkxNzA1BgNVBAMTLkdhbmRpIFJT
QSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBIDMwHhcNMjMxMjIz
MDAwMDAwWhcNMjUwMTIyMjM1OTU5WjAZMRcwFQYDVQQDEw53d3cxLnNla29pYS5p
bzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBQbIK7Qd8cuZhtVlhGJGcyUI6no
/V4e/qI3SFwPLQKwTCx2GWGTrLXeuypPj84bLNoEHCgZZZ10eqXDp/3+JKujggLt
MIIC6TAfBgNVHSMEGDAWgBSBEZLeZjKlsFszPWVDhfzUBC3xrjAdBgNVHQ4EFgQU
Bzx1m3baM1nqt5mssuKpqSfX0yswDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQC
MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYL
KwYBBAGyMQECAhowJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D
UFMwCAYGZ4EMAQIBMIGDBggrBgEFBQcBAQR3MHUwTgYIKwYBBQUHMAKGQmh0dHA6
Ly9jcnQuc2VjdGlnby5jb20vR2FuZGlSU0FEb21haW5WYWxpZGF0aW9uU2VjdXJl
U2VydmVyQ0EzLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5j
b20wGQYDVR0RBBIwEIIOd3d3MS5zZWtvaWEuaW8wggF8BgorBgEEAdZ5AgQCBIIB
bASCAWgBZgB1AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjJQg
4rcAAAQDAEYwRAIgAK74SwyNyPCXsfRvV2vATy/3H9ENa7l3I3vXZxH/qpECICkC
+unJX9eH4sLq7YesD9ZtKsSY4rA/qmX3cHwAs1JfAHUAouMK5EXvva2bfjjtR2d3
U9eCW4SU1yteGyzEuVCkR+cAAAGMlCDiXAAABAMARjBEAiAWyfcUO50+UXYvP3XS
PhuUC5Mj+HNlBLy6RhYdlFkmtQIgZH6N9p+7wy3jnGUZ8i3DMogTvui5OHixxZXt
xm1/rVMAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAYyUIOJe
AAAEAwBHMEUCIQDbdSK2z+4mXO3NJ97BL/c8/UDJOyOAjfPgLbye05o4WgIgckOu
CeilI5TMSelvnc7v9yc6m2v228cDzOoiNrMGjcIwDQYJKoZIhvcNAQEMBQADggGB
AGg0wOIAZmnkSy3j7p+xBYxTOEecQ43/6rEFiO/JCfEihxY+DQpMVL+RBOW+2OF/
MnSVyIjKuNT8YnOuhTfFP3s7dSp5ugeiCiiCvYlyqKFCubDxdrL/3J3HdxYPMiFQ
BKM7s5/J0oRGh94gu1x279POUShhFqR2QWwsC3lzA2lWkmjXibTJecAMIMuUVctC
bgX6NHoBRcryB46y8k0oZsFRHb8Amm2P5phA8F6jbQXXcDJVq88cCxnsvJ3/UNbF
dfTQlcZ5UosJAJKRailIsxILe9OO4EqnqFAIVuZT9rdQqhU7M2VIgI9eOnkRPnXV
p9xg5tgpttQbGYytxQ2dqHpgAbvn71scXztdgkQ7iikuq/zLf35Dwd+elcoOgVez
imSshRxQ2OWz4D2EdeUzp/k/h9doLi/Kx/ecb5GKxjltwuW5RZBL/UmhbAsSL4la
3AYCPJGQu3bdOtgWE/Z2aCyTsLQkaaiZ7PwDsW6vgZWoFF3rvvfrE8p9i0iJuuL6
8Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFBsgrtB3xy5mG1WWEYkZzJQjqej9
Xh7+ojdIXA8tArBMLHYZYZOstd67Kk+Pzhss2gQcKBllnXR6pcOn/f4kqw==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 54504512305299127692364693964756896130
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi RSA Domain Validation Secure Server CA 3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www1.sekoia.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004141b20aed077c72e661b5596118919cc9423a9e8fd5e1efea237485c0f2d02b04c2c76196193acb5debb2a4f8fce1b2cda041c2819659d747aa5c3a7fdfe24ab
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 811192de6632a5b05b333d654385fcd4042df1ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							073c759b76da3359eab799acb2e2a9a927d7d32b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www1.sekoia.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018c9420e2b70000040300463044022000aef84b0c8dc8f097b1f46f576bc04f2ff71fd10d6bb977237bd76711ffaa9102202902fae9c95fd787e2c2eaed87ac0fd66d2ac498e2b03faa65f7707c00b3525f007500a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018c9420e25c0000040300463044022016c9f7143b9d3e51762f3f75d23e1b940b9323f8736504bcba46161d945926b50220647e8df69fbbc32de39c6519f22dc3328813bee8b93878b1c595edc66d7fad530076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c9420e25e0000040300473045022100db7522b6cfee265cedcd27dec12ff73cfd40c93b23808df3e02dbc9ed39a385a02207243ae09e8a52394cc49e96f9dceeff7273a9b6bf6dbc703ccea2236b3068dc2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		006834c0e2006669e44b2de3ee9fb1058c5338479c438dffeab10588efc909f12287163e0d0a4c54bf9104e5bed8e17f327495c888cab8d4fc6273ae8537c53f7b3b752a79ba07a20a2882bd8972a8a142b9b0f176b2ffdc9dc777160f32215004a33bb39fc9d2844687de20bb5c76efd3ce51286116a476416c2c0b79730369569268d789b4c979c00c20cb9455cb426e05fa347a0145caf2078eb2f24d2866c1511dbf009a6d8fe69840f05ea36d05d7703255abcf1c0b19ecbc9dff50d6c575f4d095c679528b090092916a2948b3120b7bd38ee04aa7a8500856e653f6b750aa153b336548808f5e3a79113e75d5a7dc60e6d829b6d41b198cadc50d9da87a6001bbe7ef5b1c5f3b5d82443b8a292eabfccb7f7e43c1df9e95ca0e8157b38a64ac851c50d8e5b3e03d8475e533a7f93f87d7682e2fcac7f79c6f918ac6396dc2e5b945904bfd49a16c0b122f895adc06023c9190bb76dd3ad81613f676682c93b0b42469a899ecfc03b16eaf8195a8145debbef7eb13ca7d8b4889bae2faf1