diamondsaretacky.com
Issued by GTS CA 1P5
About this certificate
This digital certificate with serial number c5:cf:4d:c5:bb:60:82:2d:0d:7e:6d:af:8a:c2:a9:2c was issued on by Google Trust Services LLC.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=diamondsaretacky.com
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): c5:cf:4d:c5:bb:60:82:2d:0d:7e:6d:af:8a:c2:a9:2cSerial Number (int): 262934298030823001223846077275270457644
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 93:33:3d:f8:1e:68:04:62:9e:4d:0e:71:ab:16:00:f5:da:c6:0a:ba
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8
Fingerprint (sha1): be:81:d3:85:b4:27:b2:67:86:f0:da:95:49:de:05:12:83:74:c4:74
Fingerprint (sha256): 0b:eb:c2:44:4f:be:b0:47:a0:92:6c:8f:2c:2d:ab:ae:8a:09:a7:a4:4d:39:fd:27:19:98:78:d2:2e:72:da:fd
Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der
Revocation information
OCSP Server: http://ocsp.pki.goog/s/gts1p5/AkBAkhxlN18CRL Distribution Point: http://crls.pki.goog/gts1p5/Dyi2hdNngoU.crl
Check the revocation status for certificate diamondsaretacky.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for diamondsaretacky.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
diamondsaretacky.com
*.diamondsaretacky.com
*.diamondsaretacky.com
Other certificates including the domain name diamondsaretacky.com
(limited to 100 certificates)
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
diamondsaretacky.com
Certificate
The complete raw certificate details for diamondsaretacky.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFhTCCBG2gAwIBAgIRAMXPTcW7YIItDX5tr4rCqSwwDQYJKoZIhvcNAQELBQAw RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjMxMDIyMTMyNjA0WhcNMjQwMTIw MTMyNjAzWjAfMR0wGwYDVQQDExRkaWFtb25kc2FyZXRhY2t5LmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAIYdhdlgr1aB1L6l9+jTo/R9vYS5943l lh8yVHo+Ctky6MvqqHQkHf1akVn0P3ovCTbgQc+d0IWd8yzUa87gy3lI0OW3/bC7 HB2n9V7Sk06xKBqW4Am8i3/iMWV3aC5Z5w6TdnjvY/4nmUVOs3lAjsED/8aCb4i5 rBMViNfx07cBxHtR+HPc6yFmZHqB9WWAtRLlIZfwJvNozjvUfnsIo/L+G042bfz0 +Z6T5nV63yp4ZFlPGcth/WyQS4eMhmKhI1+a2KrgggCHJbQHRPRNaOOnh4rF4FSe N0zsdNraa5gv1EAMntSGClOuE8qui3d7sPDl9lxK/5+I3BVSTSVsqjMCAwEAAaOC ApMwggKPMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBSTMz34HmgEYp5NDnGrFgD12sYKujAfBgNVHSME GDAWgBTV/J4N3x7K3QiXl24rxV/FK/XsuDB4BggrBgEFBQcBAQRsMGowNQYIKwYB BQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMXA1L0FrQkFraHhsTjE4 MDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMxcDUu ZGVyMDcGA1UdEQQwMC6CFGRpYW1vbmRzYXJldGFja3kuY29tghYqLmRpYW1vbmRz YXJldGFja3kuY29tMCEGA1UdIAQaMBgwCAYGZ4EMAQIBMAwGCisGAQQB1nkCBQMw PAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybHMucGtpLmdvb2cvZ3RzMXA1L0R5 aTJoZE5uZ29VLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3AEiw42vapkc0 D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABi1fHXhYAAAQDAEgwRgIhAID7MOxi mxG3Z2RoKLoIbSVzNyeDqKKc2a+cA3qR22hZAiEAnPwiZcbfostNGZAktaTrvqiM WnaSV2U1iQ0qA3CXuYUAdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6 dAAAAYtXx14lAAAEAwBGMEQCIC0uhWFM0bDNx/HCS1Ni5JpIXWPv+iX8XLxbKb62 jN1uAiAWrSFI4rJyd4YVzrNIbZExE2OQ13+v2JJDGbBE3M74QDANBgkqhkiG9w0B AQsFAAOCAQEAkkW05onNkkFEi4zsRiwesKNlieQdS5bjPWjsrEQ5C7foy6J97gUg AKJx4svY6cYbK9jArrYZ6sB+d1L6q2s/gZ7W0BdASIxM4lpE07VC0GQOzwKXBZGE 1AYurFx96fmlztrkrSku0jU3R2hQfZ0G99gb7fclVVApvrAeO+a3rkdPUR5UgI5s buH7NFYzsRg1RvCUDImIne0HEUBl1DI3qI6fdZvdmKXZyHwLGzGQgVYmSKPxjqwd 6eCNsqxUz5B+CulrawN6Vy7UUAoGhgCVdf41tJXRxDA7DAu84QXex+JOjELitjX9 aHBvg39GR9ymhApelbvUQvVoDBtFpAu0FA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh2F2WCvVoHUvqX36NOj 9H29hLn3jeWWHzJUej4K2TLoy+qodCQd/VqRWfQ/ei8JNuBBz53QhZ3zLNRrzuDL eUjQ5bf9sLscHaf1XtKTTrEoGpbgCbyLf+IxZXdoLlnnDpN2eO9j/ieZRU6zeUCO wQP/xoJviLmsExWI1/HTtwHEe1H4c9zrIWZkeoH1ZYC1EuUhl/Am82jOO9R+ewij 8v4bTjZt/PT5npPmdXrfKnhkWU8Zy2H9bJBLh4yGYqEjX5rYquCCAIcltAdE9E1o 46eHisXgVJ43TOx02tprmC/UQAye1IYKU64Tyq6Ld3uw8OX2XEr/n4jcFVJNJWyq MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 262934298030823001223846077275270457644 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-22 13:26:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-20 13:26:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'diamondsaretacky.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16930491124478274477242949241746347771369722136131689436330895610729924068715883875336446595774782469984034811481056374305053563478817231024789250861469646887013169004838945776001612895851237703978452821615713784899893513123597402765784093487719861250928928038464585075126044353993302463019766695961222351123192423655079632390150557115178467562651462866680014403131873378651980384589396132629547092690043278137733596751717947829264384545322076000061031987090288661672643156454511564317516659194893629464581458123423683801128767464448831174617002420745502390984574261706842868669678051053405766280309131913119763573299 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 93333df81e6804629e4d0e71ab1600f5dac60aba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/AkBAkhxlN18' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diamondsaretacky.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.diamondsaretacky.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/Dyi2hdNngoU.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b57c75e16000004030048304602210080fb30ec629b11b767646828ba086d2573372783a8a29cd9af9c037a91db68590221009cfc2265c6dfa2cb4d199024b5a4ebbea88c5a7692576535890d2a037097b98500750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b57c75e25000004030046304402202d2e85614cd1b0cdc7f1c24b5362e49a485d63effa25fc5cbc5b29beb68cdd6e022016ad2148e2b272778615ceb3486d9131136390d77fafd8924319b044dccef840 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009245b4e689cd9241448b8cec462c1eb0a36589e41d4b96e33d68ecac44390bb7e8cba27dee052000a271e2cbd8e9c61b2bd8c0aeb619eac07e7752faab6b3f819ed6d01740488c4ce25a44d3b542d0640ecf0297059184d4062eac5c7de9f9a5cedae4ad292ed235374768507d9d06f7d81bedf725555029beb01e3be6b7ae474f511e54808e6c6ee1fb345633b1183546f0940c89889ded07114065d43237a88e9f759bdd98a5d9c87c0b1b319081562648a3f18eac1de9e08db2ac54cf907e0ae96b6b037a572ed4500a0686009575fe35b495d1c4303b0c0bbce105dec7e24e8c42e2b635fd68706f837f4647dca6840a5e95bbd442f5680c1b45a40bb414