extranet.opsom.org

Issued by Gandi Standard SSL CA

About this certificate

This digital certificate with serial number 9c:03:71:6e:e7:5c:33:63:be:b6:f7:38:ba:fb:a1:cd was issued on by GANDI SAS.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=extranet.opsom.org,OU=Domain Control Validated+OU=PositiveSSL Multi-Domain

GANDI SAS

Organization: GANDI SAS
Country: FR

This certificate has expire since

Certificate Details

Serial Number (hex): 9c:03:71:6e:e7:5c:33:63:be:b6:f7:38:ba:fb:a1:cd
Serial Number (int): 207377444932008070988510523766595101133
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: c7:12:4b:35:48:2b:96:46:31:bc:95:60:1a:55:ed:48:29:0d:df:ec
AuthorityKeyId: b6:a8:ff:a2:a8:2f:d0:a6:cd:4b:b1:68:f3:e7:50:10:31:a7:79:21

Fingerprint (sha1): d2:f0:ae:5d:7f:9d:74:3a:eb:d3:6d:e4:7f:db:9f:ea:65:5e:6a:86
Fingerprint (sha256): 0f:a7:b3:50:b1:59:f7:c5:88:6f:cc:3a:db:ac:b1:b6:64:2e:26:03:3d:c5:30:e2:f8:3f:dd:5f:48:b3:87:e8

Issuing Certificate URL: http://crt.gandi.net/GandiStandardSSLCA.crt

Revocation information

OCSP Server: http://ocsp.gandi.net
CRL Distribution Point: http://crl.gandi.net/GandiStandardSSLCA.crl

Check the revocation status for certificate extranet.opsom.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for extranet.opsom.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

extranet.opsom.org
edl.opsom.org

Other certificates including the domain name opsom.org

(limited to 100 certificates)
extranet.opsom.org
mail.opsom.org
vivreici.opsom.org
*.opsom.org
extranet.opsom.org
matomo.opsom.org
*.opsom.org
extranet.opsom.org
extranet.opsom.org
extranet.opsom.org
www.opsom.org
*.opsom.org
extranet.opsom.org
*.opsom.org
extranet.opsom.org

Certificate

The complete raw certificate details for extranet.opsom.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIRAJwDcW7nXDNjvrb3OLr7oc0wDQYJKoZIhvcNAQEFBQAw
QTELMAkGA1UEBhMCRlIxEjAQBgNVBAoTCUdBTkRJIFNBUzEeMBwGA1UEAxMVR2Fu
ZGkgU3RhbmRhcmQgU1NMIENBMB4XDTE1MTAxNDAwMDAwMFoXDTE2MTAxNDIzNTk1
OVowYzEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMSEwHwYDVQQL
ExhQb3NpdGl2ZVNTTCBNdWx0aS1Eb21haW4xGzAZBgNVBAMTEmV4dHJhbmV0Lm9w
c29tLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZ1Un90dYnN
5PAwMXvh1LbZG24bVCJ4WrfqIh/jNvQ1/mterc2FaZBGUZO3Y+LOsIA6t6XK5+6r
W3ommwuwCnJDObwUjWHpcGDfB5UWHcdxAhYXym3h9raRNWnp1ndfIAf0tYc8TiF5
isWvDbqigieBvrR6jDVX/jngfgbLG+lmQJxd699+PotnK45aqnKFY7MZuQJMIJG4
JLcs8itDbagEKmVBH7gj4Gfq+ceKLQEB614Lz/vlEG4hKrs27ReUWfwkGdk9yIbz
IAVUby4KWd0/NO32h6fqn7FWd6BDusztGXIQLucJUAXNq0vD6UdhA3GFLHYJSAQY
fciM7C9n05kCAwEAAaOCAbswggG3MB8GA1UdIwQYMBaAFLao/6KoL9CmzUuxaPPn
UBAxp3khMB0GA1UdDgQWBBTHEks1SCuWRjG8lWAaVe1IKQ3f7DAOBgNVHQ8BAf8E
BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwYAYDVR0gBFkwVzBLBgsrBgEEAbIxAQICGjA8MDoGCCsGAQUFBwIBFi5odHRw
Oi8vd3d3LmdhbmRpLm5ldC9jb250cmFjdHMvZnIvc3NsL2Nwcy9wZGYvMAgGBmeB
DAECATA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmdhbmRpLm5ldC9HYW5k
aVN0YW5kYXJkU1NMQ0EuY3JsMGoGCCsGAQUFBwEBBF4wXDA3BggrBgEFBQcwAoYr
aHR0cDovL2NydC5nYW5kaS5uZXQvR2FuZGlTdGFuZGFyZFNTTENBLmNydDAhBggr
BgEFBQcwAYYVaHR0cDovL29jc3AuZ2FuZGkubmV0MCwGA1UdEQQlMCOCEmV4dHJh
bmV0Lm9wc29tLm9yZ4INZWRsLm9wc29tLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEA
KwxQgexeyrYCaIIKnj4kBOmPb/uRsDs35FSjrc10zOFEQm9epossE36Ii2bqnFST
mRozjaptTzj1NOtkXHwhbBoboXyrU3WZPeUEnDEB2qXYw70VhfTEFrlx3yDULVlm
PnFRnKFAXbCyWEig6sffc00hx/znaFHlOTyelHhsNgXMMOZSdVGekK1O3zNFXiCk
48Bilzb+XEZADOR6qKNwBiixXKvygXJ0juM3wnCKwqTW92vb37CpuWasjEGeLghy
ngACmq5InyVmbsib0rmCo8i6+l1A2EzMvIcCQT8mkIhgqoaSGu2je7vBETbFdJwf
dC3rQqn2Tiq6GCqn2aAQHg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nVSf3R1ic3k8DAxe+HU
ttkbbhtUInhat+oiH+M29DX+a16tzYVpkEZRk7dj4s6wgDq3pcrn7qtbeiabC7AK
ckM5vBSNYelwYN8HlRYdx3ECFhfKbeH2tpE1aenWd18gB/S1hzxOIXmKxa8NuqKC
J4G+tHqMNVf+OeB+Bssb6WZAnF3r334+i2crjlqqcoVjsxm5AkwgkbgktyzyK0Nt
qAQqZUEfuCPgZ+r5x4otAQHrXgvP++UQbiEquzbtF5RZ/CQZ2T3IhvMgBVRvLgpZ
3T807faHp+qfsVZ3oEO6zO0ZchAu5wlQBc2rS8PpR2EDcYUsdglIBBh9yIzsL2fT
mQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 207377444932008070988510523766595101133
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GANDI SAS'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-10-14 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL Multi-Domain'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'extranet.opsom.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29092663903511131104722076908658187399134776912509046250440364378974147298907935571417454284387036052174516041677117017249557944924021207749292009077386076124358231161390756113893108371596869246714701692022220664130268616948849016172782046949429130307312188587240750435183256233027246916480444113397695529464054620778156058085816487355535637899750399961019585962888577972921032172409672835477191462560128759692457638340553812332712761600065318922361956953244682319632921272892670434040769652374232801025546606859318322773692414420101870066209310895010804591508430008888733515673159230476439679620280958776901345203097
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b6a8ffa2a82fd0a6cd4bb168f3e7501031a77921
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:3|t:7|false]  
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.gandi.net/contracts/fr/ssl/cps/pdf/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.gandi.net/GandiStandardSSLCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.gandi.net/GandiStandardSSLCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.gandi.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (37 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.opsom.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edl.opsom.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002b0c5081ec5ecab60268820a9e3e2404e98f6ffb91b03b37e454a3adcd74cce144426f5ea68b2c137e888b66ea9c5493991a338daa6d4f38f534eb645c7c216c1a1ba17cab5375993de5049c3101daa5d8c3bd1585f4c416b971df20d42d59663e71519ca1405db0b25848a0eac7df734d21c7fce76851e5393c9e94786c3605cc30e65275519e90ad4edf33455e20a4e3c0629736fe5c46400ce47aa8a3700628b15cabf28172748ee337c2708ac2a4d6f76bdbdfb0a9b966ac8c419e2e08729e00029aae489f25666ec89bd2b982a3c8bafa5d40d84cccbc8702413f26908860aa86921aeda37bbbc11136c5749c1f742deb42a9f64e2aba182aa7d9a0101e