*.google.co.tz
Issued by GTS CA 1C3
About this certificate
This digital certificate with serial number 88:9a:66:6c:ad:1b:35:14:0a:72:6a:f8:19:24:dd:d8 was issued on by Google Trust Services LLC.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.google.co.tz
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 88:9a:66:6c:ad:1b:35:14:0a:72:6a:f8:19:24:dd:d8Serial Number (int): 181576698558957844531976706499226688984
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 30:c2:62:42:14:16:39:db:b4:95:3b:ef:85:bd:7f:7e:6e:7b:0a:6e
AuthorityKeyId: 8a:74:7f:af:85:cd:ee:95:cd:3d:9c:d0:e2:46:14:f3:71:35:1d:27
Fingerprint (sha1): 6a:ce:bc:50:7f:bf:3a:0d:a1:00:8e:b7:d8:7e:d0:bd:fc:1d:0c:80
Fingerprint (sha256): 0d:14:10:1b:52:45:79:02:0a:5c:83:3c:59:b8:f1:52:52:b9:ef:98:8d:ae:45:8b:5f:ff:e7:64:28:2b:07:80
Issuing Certificate URL: http://pki.goog/repo/certs/gts1c3.der
Revocation information
OCSP Server: http://ocsp.pki.goog/gts1c3CRL Distribution Point: http://crls.pki.goog/gts1c3/QqFxbi9M48c.crl
Check the revocation status for certificate *.google.co.tz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.google.co.tz
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.google.co.tz
google.co.tz
google.co.tz
Other certificates including the domain name google.co.tz
(limited to 100 certificates)
google.com
*.google.co.tz
*.google.co.tz
google.com
google.com
google.com
*.googleapis.com
google.com
*.google.co.tz
google.com
google.com
*.googleapis.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
*.googleapis.com
google.com
google.com
google.com
*.googleapis.com
*.google.co.tz
google.com
google.com
google.com
google.com
google.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
google.com
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.google.co.tz
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.google.co.tz
google.com
*.google.co.tz
*.googleapis.com
*.google.co.tz
google.com
google.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
*.googleapis.com
google.com
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.googleapis.com
*.google.co.tz
*.googleapis.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
*.google.co.tz
*.google.co.tz
google.com
google.com
google.com
google.com
google.com
google.com
*.googleapis.com
*.googleapis.com
*.google.co.tz
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
google.com
google.com
*.googleapis.com
google.com
*.google.co.tz
google.com
google.com
*.googleapis.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
*.googleapis.com
google.com
google.com
google.com
*.googleapis.com
*.google.co.tz
google.com
google.com
google.com
google.com
google.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
google.com
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.google.co.tz
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.google.co.tz
google.com
*.google.co.tz
*.googleapis.com
*.google.co.tz
google.com
google.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
*.googleapis.com
google.com
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.googleapis.com
*.googleapis.com
*.google.co.tz
*.googleapis.com
*.google.co.tz
*.googleapis.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
google.com
google.com
google.com
*.google.co.tz
*.google.co.tz
*.google.co.tz
*.google.co.tz
*.google.co.tz
*.google.co.tz
google.com
*.google.co.tz
*.google.co.tz
google.com
google.com
google.com
google.com
google.com
google.com
*.googleapis.com
*.googleapis.com
*.google.co.tz
google.com
*.google.co.tz
Certificate
The complete raw certificate details for *.google.co.tz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEljCCA36gAwIBAgIRAIiaZmytGzUUCnJq+Bkk3dgwDQYJKoZIhvcNAQELBQAw RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM TEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjQwMjE5MDgyMTExWhcNMjQwNTEz MDgyMTEwWjAZMRcwFQYDVQQDDA4qLmdvb2dsZS5jby50ejBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABGjtTUeqigMA8O8EYma+xOIPYOf1anVk3BPQ5YL8zRLfXjTM svVFNqN3fuKA3XA0qpMQ2bspOnj5FmlFzc0zVKWjggJ1MIICcTAOBgNVHQ8BAf8E BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUMMJiQhQWOdu0lTvvhb1/fm57Cm4wHwYDVR0jBBgwFoAUinR/r4XN7pXNPZzQ 4kYU83E1HScwagYIKwYBBQUHAQEEXjBcMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz cC5wa2kuZ29vZy9ndHMxYzMwMQYIKwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9y ZXBvL2NlcnRzL2d0czFjMy5kZXIwJwYDVR0RBCAwHoIOKi5nb29nbGUuY28udHqC DGdvb2dsZS5jby50ejAhBgNVHSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUD MDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czFjMy9R cUZ4Ymk5TTQ4Yy5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB2/4g/Crb7 lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY3Aq1uGAAAEAwBHMEUCICQVwFPT wHvnBX9LHVJcMihGTs+eGl+6pggdl7XEMimYAiEAhlqPtNUqYHn2ZRwUCX5/ZN/T TSv3HF16zTU7D6+/0mIAdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7 qwAAAY3Aq19yAAAEAwBHMEUCIQDQhQUE7cvbKKEw0CUfNjXjEWyMX1UmvU0iVaK+ QfXfBwIgITBjwHVvWIxobjldWSsdfzZ2TY6T/vSFWDnqgEtWudswDQYJKoZIhvcN AQELBQADggEBAJN6qlir2+/Ny0exTCQ3dLUMbGM0GO01EH1FT9TzvGlQtElQ86uz 7ei5xuR0cMweSoz7iBF6x/5UfyUF66dbWE9JpB4gw5UYl5JQlWbOBkGZrP8gs7no PpKoPZu7/KYILZid6qpTNnQUVvQWRvvjOz9fBIVl9H3sCsqOk1GluGW7YxZeqJMm 8kR6VhAdU1XWlch37HhZuKwPfvoNu9Vq1Wj4E2IWVM8uH5ykeP7joAwVQ/2ZUE65 7OM/fiLJ9M8TKWNRN30mZX+F1OzmZJ2wan9Id3ncGathIARivLXyvOxsjtxmkZmF Zh9pFoV4yXya9XAY4cQk3H43NdLsRDhpGiM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaO1NR6qKAwDw7wRiZr7E4g9g5/Vq dWTcE9DlgvzNEt9eNMyy9UU2o3d+4oDdcDSqkxDZuyk6ePkWaUXNzTNUpQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 181576698558957844531976706499226688984 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1C3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-19 08:21:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-13 08:21:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.google.co.tz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 000468ed4d47aa8a0300f0ef046266bec4e20f60e7f56a7564dc13d0e582fccd12df5e34ccb2f54536a3777ee280dd7034aa9310d9bb293a78f9166945cdcd3354a5 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 30c26242141639dbb4953bef85bd7f7e6e7b0a6e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8a747faf85cdee95cd3d9cd0e24614f371351d27 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/gts1c3' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1c3.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.google.co.tz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'google.co.tz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1c3/QqFxbi9M48c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018dc0ab5b86000004030047304502202415c053d3c07be7057f4b1d525c3228464ecf9e1a5fbaa6081d97b5c4322998022100865a8fb4d52a6079f6651c14097e7f64dfd34d2bf71c5d7acd353b0fafbfd262007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018dc0ab5f720000040300473045022100d0850504edcbdb28a130d0251f3635e3116c8c5f5526bd4d2255a2be41f5df070220213063c0756f588c686e395d592b1d7f36764d8e93fef4855839ea804b56b9db . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00937aaa58abdbefcdcb47b14c243774b50c6c633418ed35107d454fd4f3bc6950b44950f3abb3ede8b9c6e47470cc1e4a8cfb88117ac7fe547f2505eba75b584f49a41e20c395189792509566ce064199acff20b3b9e83e92a83d9bbbfca6082d989deaaa5336741456f41646fbe33b3f5f048565f47dec0aca8e9351a5b865bb63165ea89326f2447a56101d5355d695c877ec7859b8ac0f7efa0dbbd56ad568f813621654cf2e1f9ca478fee3a00c1543fd99504eb9ece33f7e22c9f4cf13296351377d26657f85d4ece6649db06a7f487779dc19ab61200462bcb5f2bcec6c8edc66919985661f69168578c97c9af57018e1c424dc7e3735d2ec4438691a23