*.rainer-kalthoff.de
Issued by STRATO SSL - G2
About this certificate
This digital certificate with serial number 13:e9 was issued on by STRATO AG.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=*.rainer-kalthoff.de,OU=GT95566711+OU=STRATO SSL+OU=Domain Control Validated
STRATO AG
Organization:
STRATO AG
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
DE
This certificate has expire since
Certificate Details
Serial Number (hex): 13:e9Serial Number (int): 5097
Serial Number lenght: 13 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: 0f:fb:84:42:71:6f:32:aa:27:fa:07:44:49:2a:ad:68:33:63:02:12
Fingerprint (sha1): bf:ff:d3:9b:b4:a4:7a:46:ee:f0:24:d4:42:12:12:09:02:17:e4:61
Fingerprint (sha256): 0c:86:94:73:3b:14:7b:ed:e4:4d:46:9f:9c:57:ef:a7:9a:a3:08:60:ff:db:6d:99:0a:98:fb:16:c4:d0:77:d1
Issuing Certificate URL: http://strato-aia.digitalcertvalidation.com/stratog2.crt
Revocation information
OCSP Server: http://strato-ocsp.digitalcertvalidation.comCRL Distribution Point: http://strato-crl.digitalcertvalidation.com/crls/stratog2.crl
Check the revocation status for certificate *.rainer-kalthoff.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.rainer-kalthoff.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.rainer-kalthoff.de
rainer-kalthoff.de
rainer-kalthoff.de
Other certificates including the domain name rainer-kalthoff.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.rainer-kalthoff.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgICE+kwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCREUx EjAQBgNVBAoTCVNUUkFUTyBBRzEdMBsGA1UECxMURG9tYWluIFZhbGlkYXRlZCBT U0wxGDAWBgNVBAMTD1NUUkFUTyBTU0wgLSBHMjAeFw0xNTA3MTkwMTIyMTdaFw0x NjA4MjAwNDU4MDhaMGwxEzARBgNVBAsTCkdUOTU1NjY3MTExEzARBgNVBAsTClNU UkFUTyBTU0wxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsG A1UEAwwUKi5yYWluZXIta2FsdGhvZmYuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdzoTkWbBI7M1YaCGvvnNYJxar5sqqdj1o1SIvaVcfDyZoB9Ql Dcg7lJ5qw70r4VjQreey+2ZplDU23RSeyKKiXVyu8L6HP7/gjGxCTCibEHdZcmSW DGRCXOCBbN6gDdAwJWpwErZ61P0pnRv60RWgPvM5CrvqxXQZqZa26RMfSZPGzjCD H2l8htbf7cC+UhhZ3uzjiuTwvMzpLHOesbx7aB8xu2GjEin7FiHdvF6Ga9jgJpE4 98gYfEXRo9Ca+pNR0gYGWUSty4O3hGQsTYSkf+iydUDBAGfeNsUqWqrYnETUW2cP +6ZkfIoiNwSiTGKZ8Yc0TmxhuMl74vCoal3vAgMBAAGjggHSMIIBzjAfBgNVHSME GDAWgBQP+4RCcW8yqif6B0RJKq1oM2MCEjCBkAYIKwYBBQUHAQEEgYMwgYAwOAYI KwYBBQUHMAGGLGh0dHA6Ly9zdHJhdG8tb2NzcC5kaWdpdGFsY2VydHZhbGlkYXRp b24uY29tMEQGCCsGAQUFBzAChjhodHRwOi8vc3RyYXRvLWFpYS5kaWdpdGFsY2Vy dHZhbGlkYXRpb24uY29tL3N0cmF0b2cyLmNydDAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdEQQsMCqCFCoucmFpbmVy LWthbHRob2ZmLmRlghJyYWluZXIta2FsdGhvZmYuZGUwTgYDVR0fBEcwRTBDoEGg P4Y9aHR0cDovL3N0cmF0by1jcmwuZGlnaXRhbGNlcnR2YWxpZGF0aW9uLmNvbS9j cmxzL3N0cmF0b2cyLmNybDAMBgNVHRMBAf8EAjAAMFYGA1UdIARPME0wSwYGZ4EM AQIBMEEwPwYIKwYBBQUHAgEWM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNv dXJjZXMvcmVwb3NpdG9yeS9sZWdhbDANBgkqhkiG9w0BAQsFAAOCAQEAdLIXp0Qt Y0vo4LVGR9X37QteDnV3qYtGrhBHhj5yWc5uLPDZNaaoVJHPvZ9GSYEV/gQvt59Z HzrIlK2Wwf7LXMDSscyyVnvS0DW9l6XiQ6wy1JfVzlJbOJn7NDX5thPX/xBLcZ8Q JDK9CxjBJTJ2eE9oomM4DFjU+JGuSGio6G1Sqd6JD9DzimJ/EPG0CxpJdisZT/Wo Ucx+b2ZJf79bL9IAIY4FQdgg2teTAh9s2HyV9fedAw95z5CFag8NJyeN+1xMXUux 02fIM75I/fKGLjtVsWKeU2PmRGf87+HvrnGy/3jpmyZLB1+wEPcxtuKkWVfo3FHE NRCbGnNS/ym2gg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc6E5FmwSOzNWGghr75z WCcWq+bKqnY9aNUiL2lXHw8maAfUJQ3IO5SeasO9K+FY0K3nsvtmaZQ1Nt0Unsii ol1crvC+hz+/4IxsQkwomxB3WXJklgxkQlzggWzeoA3QMCVqcBK2etT9KZ0b+tEV oD7zOQq76sV0GamWtukTH0mTxs4wgx9pfIbW3+3AvlIYWd7s44rk8LzM6SxznrG8 e2gfMbthoxIp+xYh3bxehmvY4CaROPfIGHxF0aPQmvqTUdIGBllErcuDt4RkLE2E pH/osnVAwQBn3jbFKlqq2JxE1FtnD/umZHyKIjcEokximfGHNE5sYbjJe+LwqGpd 7wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5097 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'STRATO AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'STRATO SSL - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-07-19 01:22:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-20 04:58:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT95566711' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'STRATO SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.rainer-kalthoff.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19921252248059540945167688406722728358265870924985222015173850149708787903688285747723701003561617548273214098126830311922396665071289860849612391831884733217769117642904823192763306756971888684945816816563676991930607301547941970755753431393356297120647776788660031482560037428350668939864109080923841712403482155794128685702754279023805456932321035384581494860096398465784398359538593177875007790324500275231078016402276520133718506242674629934884631650846840325274238044678778341109465580238211393777767732175162409928221678821858381029571332216737588292644561996076581896353850986998334317636893411546773284609519 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0ffb8442716f32aa27fa0744492aad6833630212 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (131 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://strato-ocsp.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://strato-aia.digitalcertvalidation.com/stratog2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rainer-kalthoff.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rainer-kalthoff.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://strato-crl.digitalcertvalidation.com/crls/stratog2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0074b217a7442d634be8e0b54647d5f7ed0b5e0e7577a98b46ae1047863e7259ce6e2cf0d935a6a85491cfbd9f46498115fe042fb79f591f3ac894ad96c1fecb5cc0d2b1ccb2567bd2d035bd97a5e243ac32d497d5ce525b3899fb3435f9b613d7ff104b719f102432bd0b18c1253276784f68a263380c58d4f891ae4868a8e86d52a9de890fd0f38a627f10f1b40b1a49762b194ff5a851cc7e6f66497fbf5b2fd200218e0541d820dad793021f6cd87c95f5f79d030f79cf90856a0f0d27278dfb5c4c5d4bb1d367c833be48fdf2862e3b55b1629e5363e64467fcefe1efae71b2ff78e99b264b075fb010f731b6e2a45957e8dc51c435109b1a7352ff29b682