cafsa.org

Issued by GTS CA 1P5

About this certificate

This digital certificate with serial number be:16:a0:af:b3:16:0d:f2:13:b6:24:f2:2b:86:68:05 was issued on by Google Trust Services LLC.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=cafsa.org

Google Trust Services LLC

Organization: Google Trust Services LLC
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): be:16:a0:af:b3:16:0d:f2:13:b6:24:f2:2b:86:68:05
Serial Number (int): 252670808835911285305426918444596881413
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: e8:c8:8e:8c:c2:2f:ad:58:88:d1:e3:39:fc:ca:99:da:4b:cc:19:bb
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8

Fingerprint (sha1): c7:e9:04:96:b2:31:ef:22:2b:e3:d9:2d:3f:18:5f:a8:b4:2e:7d:7a
Fingerprint (sha256): 06:2f:26:9d:08:1d:f8:c4:aa:8c:e8:50:1d:7b:69:cd:d8:98:f1:a2:2e:f9:3f:a6:ab:c4:20:5a:65:03:2d:55

Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der

Revocation information

OCSP Server: http://ocsp.pki.goog/s/gts1p5/AXgz9BfZnUI
CRL Distribution Point: http://crls.pki.goog/gts1p5/rBMEEVUA7-8.crl

Check the revocation status for certificate cafsa.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cafsa.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cafsa.org

Other certificates including the domain name cafsa.org

(limited to 100 certificates)
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org.knechted.digital
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org
app.cafsa.org

Certificate

The complete raw certificate details for cafsa.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIRAL4WoK+zFg3yE7Yk8iuGaAUwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjQwNDIyMTcyOTIyWhcNMjQwNzIx
MTcyOTIxWjAUMRIwEAYDVQQDEwljYWZzYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjKejPHFhZwGX6Y6GIWk2oWHJskL0QRe5GGoWbXXpIZlCo
FiqohoiockN/VpGKCtHQnvnIhYMHuc63wsCAcgtNRJQ3IoKMeCZQztrka0HtEKzd
p2trqKmk3vBAXDuf6xCBg3obFig6+m1mrXAlx8PoxnHMdS+OlRJws2YOxwQKOx2Y
tIEBp2vJ5gsEiSKYVtz9yR5oGR+19CcO5HcPqUOQzve74BDmUrsUAtqJlnNYeSjb
HI1cXhuRWTGcFMu5+eithI8riHX9LZ/eQe72O+3BPPOa/dAjuSOKIXKmbzBG8zo/
CEt2Ir+ob8sKgquAamMhNOUdfOROK1w7ek79CJRlAgMBAAGjggJwMIICbDAOBgNV
HQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQU6MiOjMIvrViI0eM5/MqZ2kvMGbswHwYDVR0jBBgwFoAU1fyeDd8e
yt0Il5duK8VfxSv17LgweAYIKwYBBQUHAQEEbDBqMDUGCCsGAQUFBzABhilodHRw
Oi8vb2NzcC5wa2kuZ29vZy9zL2d0czFwNS9BWGd6OUJmWm5VSTAxBggrBgEFBQcw
AoYlaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzMXA1LmRlcjAUBgNVHREE
DTALggljYWZzYS5vcmcwIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIF
AzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxcDUv
ckJNRUVWVUE3LTguY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcAGZgQcQnw
1lIuMIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoAAAGPBxHgegAABAMASDBGAiEA1IXT
YO/nNIA8JfwMVdQL3xCtbfHxRIoEhvbPl0b1lSICIQCRskIDhiUpXV4pHBtB+oO2
+EziAhN7D+ME8bPy/MILtAB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZx
H7WbAAABjwcR4EsAAAQDAEYwRAIgSfKCY725C8/IapXrmAxpBFlzhqckU2HkrHt/
vuC+V3cCIA2dR1UjosTGiYGXC3Bk8f1A165dNX6UiwvLjlhby/miMA0GCSqGSIb3
DQEBCwUAA4IBAQBiWcnl5OK0hTuNuuQztWY6tPvPKCHE0tn4Ayp0ZT/3js6tboCW
3oCxDJKFngl257AMyR7RxxOCtsSbH6zkuFgR7NpCFSd6lGfSWQe1UWBxkJk3hjxH
rwuJloUU2vYQ9tpdJp3R8txcRSikp0VuZ0902TENfIXq1N6lxBL7Bs8S22o9z4Ji
CCx9N0cWXjg4YLQS7+Kz6F8qnT1xq1YZRKvx8eOCWRGqIDYldQ1xV82ov3ih01nI
ky+8iGETn/S8TTHckO5X5oQfJEralexVTQrvQJMRvon9baREkUtIz7XuYZmSyhKv
XJtur8/Dkwgm764u7K2BwT7bpzSxwMqO+R7w
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoynozxxYWcBl+mOhiFpN
qFhybJC9EEXuRhqFm116SGZQqBYqqIaIqHJDf1aRigrR0J75yIWDB7nOt8LAgHIL
TUSUNyKCjHgmUM7a5GtB7RCs3adra6ippN7wQFw7n+sQgYN6GxYoOvptZq1wJcfD
6MZxzHUvjpUScLNmDscECjsdmLSBAadryeYLBIkimFbc/ckeaBkftfQnDuR3D6lD
kM73u+AQ5lK7FALaiZZzWHko2xyNXF4bkVkxnBTLufnorYSPK4h1/S2f3kHu9jvt
wTzzmv3QI7kjiiFypm8wRvM6PwhLdiK/qG/LCoKrgGpjITTlHXzkTitcO3pO/QiU
ZQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 252670808835911285305426918444596881413
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-22 17:29:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-21 17:29:21 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cafsa.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20597510009909753457987085539078335797498491062990302824788948376099216938309986324681440701511223513493442036817087840051931676209669427999328727727162271350697805566583207828299956964679619432552017238437394321976906489818029985309369145859274276139302550342026160303741852568134148539253472077518701956937016372073713581392114529155565110922055203645536348287463080330351095971130703534105420673711876759980929516360768940929792438859158604461529155401405257640983946186364423340941501866570768622789974998385265021548127549340349972222534808728182409891382302183070103916727988211642710210160996005314904285811813
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e8c88e8cc22fad5888d1e339fcca99da4bcc19bb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/AXgz9BfZnUI'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cafsa.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/rBMEEVUA7-8.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f0711e07a0000040300483046022100d485d360efe734803c25fc0c55d40bdf10ad6df1f1448a0486f6cf9746f5952202210091b242038625295d5e291c1b41fa83b6f84ce202137b0fe304f1b3f2fcc20bb4007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f0711e04b0000040300463044022049f28263bdb90bcfc86a95eb980c6904597386a7245361e4ac7b7fbee0be577702200d9d475523a2c4c68981970b7064f1fd40d7ae5d357e948b0bcb8e585bcbf9a2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006259c9e5e4e2b4853b8dbae433b5663ab4fbcf2821c4d2d9f8032a74653ff78ecead6e8096de80b10c92859e0976e7b00cc91ed1c71382b6c49b1face4b85811ecda4215277a9467d25907b5516071909937863c47af0b89968514daf610f6da5d269dd1f2dc5c4528a4a7456e674f74d9310d7c85ead4dea5c412fb06cf12db6a3dcf8262082c7d3747165e383860b412efe2b3e85f2a9d3d71ab561944abf1f1e3825911aa203625750d7157cda8bf78a1d359c8932fbc8861139ff4bc4d31dc90ee57e6841f244ada95ec554d0aef409311be89fd6da444914b48cfb5ee619992ca12af5c9b6eafcfc3930826efae2eecad81c13edba734b1c0ca8ef91ef0