diamondsaretacky.com

Issued by GTS CA 1P5

About this certificate

This digital certificate with serial number c5:cf:4d:c5:bb:60:82:2d:0d:7e:6d:af:8a:c2:a9:2c was issued on by Google Trust Services LLC.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=diamondsaretacky.com

Google Trust Services LLC

Organization: Google Trust Services LLC
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): c5:cf:4d:c5:bb:60:82:2d:0d:7e:6d:af:8a:c2:a9:2c
Serial Number (int): 262934298030823001223846077275270457644
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 93:33:3d:f8:1e:68:04:62:9e:4d:0e:71:ab:16:00:f5:da:c6:0a:ba
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8

Fingerprint (sha1): be:81:d3:85:b4:27:b2:67:86:f0:da:95:49:de:05:12:83:74:c4:74
Fingerprint (sha256): 0b:eb:c2:44:4f:be:b0:47:a0:92:6c:8f:2c:2d:ab:ae:8a:09:a7:a4:4d:39:fd:27:19:98:78:d2:2e:72:da:fd

Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der

Revocation information

OCSP Server: http://ocsp.pki.goog/s/gts1p5/AkBAkhxlN18
CRL Distribution Point: http://crls.pki.goog/gts1p5/Dyi2hdNngoU.crl

Check the revocation status for certificate diamondsaretacky.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for diamondsaretacky.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

diamondsaretacky.com
*.diamondsaretacky.com

Other certificates including the domain name diamondsaretacky.com

(limited to 100 certificates)
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com

Certificate

The complete raw certificate details for diamondsaretacky.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIRAMXPTcW7YIItDX5tr4rCqSwwDQYJKoZIhvcNAQELBQAw
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjMxMDIyMTMyNjA0WhcNMjQwMTIw
MTMyNjAzWjAfMR0wGwYDVQQDExRkaWFtb25kc2FyZXRhY2t5LmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAIYdhdlgr1aB1L6l9+jTo/R9vYS5943l
lh8yVHo+Ctky6MvqqHQkHf1akVn0P3ovCTbgQc+d0IWd8yzUa87gy3lI0OW3/bC7
HB2n9V7Sk06xKBqW4Am8i3/iMWV3aC5Z5w6TdnjvY/4nmUVOs3lAjsED/8aCb4i5
rBMViNfx07cBxHtR+HPc6yFmZHqB9WWAtRLlIZfwJvNozjvUfnsIo/L+G042bfz0
+Z6T5nV63yp4ZFlPGcth/WyQS4eMhmKhI1+a2KrgggCHJbQHRPRNaOOnh4rF4FSe
N0zsdNraa5gv1EAMntSGClOuE8qui3d7sPDl9lxK/5+I3BVSTSVsqjMCAwEAAaOC
ApMwggKPMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBSTMz34HmgEYp5NDnGrFgD12sYKujAfBgNVHSME
GDAWgBTV/J4N3x7K3QiXl24rxV/FK/XsuDB4BggrBgEFBQcBAQRsMGowNQYIKwYB
BQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMXA1L0FrQkFraHhsTjE4
MDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMxcDUu
ZGVyMDcGA1UdEQQwMC6CFGRpYW1vbmRzYXJldGFja3kuY29tghYqLmRpYW1vbmRz
YXJldGFja3kuY29tMCEGA1UdIAQaMBgwCAYGZ4EMAQIBMAwGCisGAQQB1nkCBQMw
PAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybHMucGtpLmdvb2cvZ3RzMXA1L0R5
aTJoZE5uZ29VLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AEiw42vapkc0
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi1fHXhYAAAQDAEgwRgIhAID7MOxi
mxG3Z2RoKLoIbSVzNyeDqKKc2a+cA3qR22hZAiEAnPwiZcbfostNGZAktaTrvqiM
WnaSV2U1iQ0qA3CXuYUAdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6
dAAAAYtXx14lAAAEAwBGMEQCIC0uhWFM0bDNx/HCS1Ni5JpIXWPv+iX8XLxbKb62
jN1uAiAWrSFI4rJyd4YVzrNIbZExE2OQ13+v2JJDGbBE3M74QDANBgkqhkiG9w0B
AQsFAAOCAQEAkkW05onNkkFEi4zsRiwesKNlieQdS5bjPWjsrEQ5C7foy6J97gUg
AKJx4svY6cYbK9jArrYZ6sB+d1L6q2s/gZ7W0BdASIxM4lpE07VC0GQOzwKXBZGE
1AYurFx96fmlztrkrSku0jU3R2hQfZ0G99gb7fclVVApvrAeO+a3rkdPUR5UgI5s
buH7NFYzsRg1RvCUDImIne0HEUBl1DI3qI6fdZvdmKXZyHwLGzGQgVYmSKPxjqwd
6eCNsqxUz5B+CulrawN6Vy7UUAoGhgCVdf41tJXRxDA7DAu84QXex+JOjELitjX9
aHBvg39GR9ymhApelbvUQvVoDBtFpAu0FA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh2F2WCvVoHUvqX36NOj
9H29hLn3jeWWHzJUej4K2TLoy+qodCQd/VqRWfQ/ei8JNuBBz53QhZ3zLNRrzuDL
eUjQ5bf9sLscHaf1XtKTTrEoGpbgCbyLf+IxZXdoLlnnDpN2eO9j/ieZRU6zeUCO
wQP/xoJviLmsExWI1/HTtwHEe1H4c9zrIWZkeoH1ZYC1EuUhl/Am82jOO9R+ewij
8v4bTjZt/PT5npPmdXrfKnhkWU8Zy2H9bJBLh4yGYqEjX5rYquCCAIcltAdE9E1o
46eHisXgVJ43TOx02tprmC/UQAye1IYKU64Tyq6Ld3uw8OX2XEr/n4jcFVJNJWyq
MwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 262934298030823001223846077275270457644
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-22 13:26:04 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-20 13:26:03 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'diamondsaretacky.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16930491124478274477242949241746347771369722136131689436330895610729924068715883875336446595774782469984034811481056374305053563478817231024789250861469646887013169004838945776001612895851237703978452821615713784899893513123597402765784093487719861250928928038464585075126044353993302463019766695961222351123192423655079632390150557115178467562651462866680014403131873378651980384589396132629547092690043278137733596751717947829264384545322076000061031987090288661672643156454511564317516659194893629464581458123423683801128767464448831174617002420745502390984574261706842868669678051053405766280309131913119763573299
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							93333df81e6804629e4d0e71ab1600f5dac60aba
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/AkBAkhxlN18'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diamondsaretacky.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.diamondsaretacky.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/Dyi2hdNngoU.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b57c75e16000004030048304602210080fb30ec629b11b767646828ba086d2573372783a8a29cd9af9c037a91db68590221009cfc2265c6dfa2cb4d199024b5a4ebbea88c5a7692576535890d2a037097b98500750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b57c75e25000004030046304402202d2e85614cd1b0cdc7f1c24b5362e49a485d63effa25fc5cbc5b29beb68cdd6e022016ad2148e2b272778615ceb3486d9131136390d77fafd8924319b044dccef840
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009245b4e689cd9241448b8cec462c1eb0a36589e41d4b96e33d68ecac44390bb7e8cba27dee052000a271e2cbd8e9c61b2bd8c0aeb619eac07e7752faab6b3f819ed6d01740488c4ce25a44d3b542d0640ecf0297059184d4062eac5c7de9f9a5cedae4ad292ed235374768507d9d06f7d81bedf725555029beb01e3be6b7ae474f511e54808e6c6ee1fb345633b1183546f0940c89889ded07114065d43237a88e9f759bdd98a5d9c87c0b1b319081562648a3f18eac1de9e08db2ac54cf907e0ae96b6b037a572ed4500a0686009575fe35b495d1c4303b0c0bbce105dec7e24e8c42e2b635fd68706f837f4647dca6840a5e95bbd442f5680c1b45a40bb414