idefix.mi.infn.it

Issued by TERENA SSL CA

About this certificate


This digital certificate with serial number a9:82:94:0b:6c:23:a3:8e:4d:1c:94:9d:eb:96:94:7c was issued on by TERENA .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

Istituto Nazionale di Fisica Nucleare - Sezione di Milano

Organization: Istituto Nazionale di Fisica Nucleare - Sezione di Milano
Organization unit: Sezione di Milano
Country: IT

TERENA

Organization: TERENA
Country: IT

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): a9:82:94:0b:6c:23:a3:8e:4d:1c:94:9d:eb:96:94:7c
Serial Number (int): 225317532580858904051705440540919501948
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: ef:8a:0c:e6:9d:9b:63:85:74:31:d6:c0:f0:63:a4:80:0a:be:cf:08
AuthorityKeyId: 0c:bd:93:68:0c:f3:de:ab:a3:49:6b:2b:37:57:47:ea:90:e3:b9:ed

Fingerprint (sha1): fa:b0:41:a0:0e:f5:57:20:f6:c5:d4:f1:cd:a0:96:e9:84:0d:b3:3f
Fingerprint (sha256): fe:95:01:c6:2d:d2:9b:d3:b4:ab:35:75:3e:4f:ef:34:cf:55:17:ca:0a:8c:51:5a:1f:e7:38:bc:58:33:a9:86

Issuing Certificate URL: http://crt.tcs.terena.org/TERENASSLCA.crt

Revocation information

OCSP Server: http://ocsp.tcs.terena.org
CRL Distribution Point: http://crl.tcs.terena.org/TERENASSLCA.crl

Check the revocation status for the current certificate on idefix.mi.infn.it
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: idefix.mi.infn.it

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIEsTCCA5mgAwIBAgIRAKmClAtsI6OOTRyUneuWlHwwDQYJKoZIhvcNAQEFBQAw NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B IFNTTCBDQTAeFw0xMDA1MTMwMDAwMDBaFw0xMzA1MTIyMzU5NTlaMIGJMQswCQYD VQQGEwJJVDFCMEAGA1UEChM5SXN0aXR1dG8gTmF6aW9uYWxlIGRpIEZpc2ljYSBO dWNsZWFyZSAtIFNlemlvbmUgZGkgTWlsYW5vMRowGAYDVQQLExFTZXppb25lIGRp IE1pbGFubzEaMBgGA1UEAxMRaWRlZml4Lm1pLmluZm4uaXQwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDHgP5YJJ2kjKvLwcEic0hI/u89begfaSc4NgI7 Syk5+xdlO9BzvXlDGM/QLNcxox0e38SH5iH+bGar7kYR6yKEcMRdqxsZCm7LFaTP yJeaedqBeJWGubN2zlfaFk/2KiJvOxyh+gSUJm8VRGt1NlaUEfItTBEIKNaOZKS5 72GAR35lhwfU4TNTQfQnZSnZqq+Ye2OieQca9C9GXU1GZCMMjz17jGcwxv7KhPqm viQxew40L8BuH71q8EUnMEuC2uHSQ85zKyLA1zMK6hKH2EjM+3ni3yx2BAr1dYhN /IvPUJf8MxRuDGLvJ2SesFkDQIEPW0dOsVUo978YMd/zAgkBAgMBAAGjggFkMIIB YDAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQU74oM 5p2bY4V0MdbA8GOkgAq+zwgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYB BAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5h Lm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAC hilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggr BgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwHAYDVR0RBBUwE4IR aWRlZml4Lm1pLmluZm4uaXQwDQYJKoZIhvcNAQEFBQADggEBAELfM+eF7xCbyxPB dkVtmYZwPOAN8KDXqykOYzHqfCfX4Z7nveU+5May9zB7dtBzMoPdhNLEDV2k6RGI cfDJAtRH54G0N2Spv3T3BWTjQJQVsHH4XCCsDAbR7MB12AuA7pWZ13P1SixUuClF GXgwo3dPkAUU+T/3N2OclfzEPXkwYMjYhxUkd35SITpSqcXrQqYBE/f8b8f/1wwi 45UrzcZ+07e3CaPKHPNPYFvMUI+Zb2el/jtpythG3FmIOdx+wIUAzkgOb6BfW4dp a2KB5dvDvIajnt1ESLNPgWEvy8+Hq365TkhWOcKXIVKfKyj2cWcjvOkhD2JQ4fYj zH0piKM= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4D+WCSdpIyry8HBInNI SP7vPW3oH2knODYCO0spOfsXZTvQc715QxjP0CzXMaMdHt/Eh+Yh/mxmq+5GEesi hHDEXasbGQpuyxWkz8iXmnnagXiVhrmzds5X2hZP9ioibzscofoElCZvFURrdTZW lBHyLUwRCCjWjmSkue9hgEd+ZYcH1OEzU0H0J2Up2aqvmHtjonkHGvQvRl1NRmQj DI89e4xnMMb+yoT6pr4kMXsONC/Abh+9avBFJzBLgtrh0kPOcysiwNczCuoSh9hI zPt54t8sdgQK9XWITfyLz1CX/DMUbgxi7ydknrBZA0CBD1tHTrFVKPe/GDHf8wIJ AQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 225317532580858904051705440540919501948 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-05-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-05-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Istituto Nazionale di Fisica Nucleare - Sezione di Milano' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sezione di Milano' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'idefix.mi.infn.it' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25185031769842611899362306876591599316124247077566445638053843763015739185896341625520852222846188175146389781112426909174546591713142394172586900502225219925635534797125734714413702762318267549586324432371855820388121164112940175757671489503037460958789353137200411182747987219585518507237005343285923724970151910702172880216771886462687514759565720463459609236439722405218600257359570367150177094602000944998028936916813189164125665572400267232596915431308940951064448066912287323539592798943432371121364934558726954421109479817453503370716226128386779453946396928509409231838922580587700177554800712041538158463233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cbd93680cf3deaba3496b2b375747ea90e3b9ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ef8a0ce69d9b63857431d6c0f063a4800abecf08 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.tcs.terena.org/TERENASSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.tcs.terena.org/TERENASSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.tcs.terena.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idefix.mi.infn.it' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042df33e785ef109bcb13c176456d9986703ce00df0a0d7ab290e6331ea7c27d7e19ee7bde53ee4c6b2f7307b76d0733283dd84d2c40d5da4e9118871f0c902d447e781b43764a9bf74f70564e3409415b071f85c20ac0c06d1ecc075d80b80ee9599d773f54a2c54b82945197830a3774f900514f93ff737639c95fcc43d793060c8d8871524777e52213a52a9c5eb42a60113f7fc6fc7ffd70c22e3952bcdc67ed3b7b709a3ca1cf34f605bcc508f996f67a5fe3b69cad846dc598839dc7ec08500ce480e6fa05f5b87696b6281e5dbc3bc86a39edd4448b34f81612fcbcf87ab7eb94e485639c29721529f2b28f6716723bce9210f6250e1f623cc7d2988a3