www.boisdalain.fr

Issued by Gandi RSA Domain Validation Secure Server CA 3

About this certificate

This digital certificate with serial number 4a:e7:94:aa:fb:3c:db:31:a7:eb:da:ee:48:58:91:c0 was issued on by Gandi.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.boisdalain.fr

Gandi

Organization: Gandi
Country: FR

This certificate will expire on

Certificate Details

Serial Number (hex): 4a:e7:94:aa:fb:3c:db:31:a7:eb:da:ee:48:58:91:c0
Serial Number (int): 99565307605568595777817105813741277632
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: ca:0e:f4:9c:1a:5b:f8:b1:91:de:69:32:10:d2:66:22:f2:01:93:93
AuthorityKeyId: 81:11:92:de:66:32:a5:b0:5b:33:3d:65:43:85:fc:d4:04:2d:f1:ae

Fingerprint (sha1): 73:9d:69:75:74:94:62:3c:f7:5e:df:fa:97:9d:bb:5e:55:57:fe:b3
Fingerprint (sha256): 1f:1a:54:d5:e1:76:7c:01:d7:33:a6:fe:50:db:27:e5:22:aa:75:f7:e3:a3:5b:d1:8a:39:b9:2d:44:81:1e:40

Issuing Certificate URL: http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate www.boisdalain.fr

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.boisdalain.fr

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.boisdalain.fr

Other certificates including the domain name boisdalain.fr

(limited to 100 certificates)

Certificate

The complete raw certificate details for www.boisdalain.fr in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFozCCBAugAwIBAgIQSueUqvs82zGn69ruSFiRwDANBgkqhkiG9w0BAQwFADBW
MQswCQYDVQQGEwJGUjEOMAwGA1UEChMFR2FuZGkxNzA1BgNVBAMTLkdhbmRpIFJT
QSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBIDMwHhcNMjMxMjIz
MDAwMDAwWhcNMjUwMTIyMjM1OTU5WjAcMRowGAYDVQQDExF3d3cuYm9pc2RhbGFp
bi5mcjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBsLWfTmU/h0+MYkpyd1vydT
DB43QQdlGg37/nW5gw6aEdPDLswKbzKdRZC8IRFQ0atkIGZgo2OaK8UiuB/qvRKj
ggLwMIIC7DAfBgNVHSMEGDAWgBSBEZLeZjKlsFszPWVDhfzUBC3xrjAdBgNVHQ4E
FgQUyg70nBpb+LGR3mkyENJmIvIBk5MwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB
/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAw
NAYLKwYBBAGyMQECAhowJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNv
bS9DUFMwCAYGZ4EMAQIBMIGDBggrBgEFBQcBAQR3MHUwTgYIKwYBBQUHMAKGQmh0
dHA6Ly9jcnQuc2VjdGlnby5jb20vR2FuZGlSU0FEb21haW5WYWxpZGF0aW9uU2Vj
dXJlU2VydmVyQ0EzLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGln
by5jb20wHAYDVR0RBBUwE4IRd3d3LmJvaXNkYWxhaW4uZnIwggF8BgorBgEEAdZ5
AgQCBIIBbASCAWgBZgB2AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsI
AAABjJQgi1QAAAQDAEcwRQIhAMEcYNlpi3G1olQ6C3XEwsGnSWU2MiqT7tj24pYd
Ei5yAiAdh5uXPD3eIiwoJf2n95stnAGfbcqPkeVjcYT7IKr1CQB1AKLjCuRF772t
m3447Udnd1PXgluElNcrXhssxLlQpEfnAAABjJQgi1AAAAQDAEYwRAIgWsjbSciZ
s06mQDz65KogT3QTfYlw6wRXavyOohpyZTwCIGn67peIjwETG7/OJa+mEVIAI8x8
3zmQ4l1fnxxqSsbWAHUATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8A
AAGMlCCLMQAABAMARjBEAiAbwRKHchQjpQwXe6LzVtMUXVB93jTE5eKNsXps7yfU
6QIgQs+Wp6fPyLtBZ4lrzSaM6+kUmzg0dK4hiLHssB+5LdAwDQYJKoZIhvcNAQEM
BQADggGBAFj7zJ8cujrbIdAJUb1b0oTQQr7g6F6Np/ExOEoUKzI8TT4AN8yrS1VV
Y87lHeJeWRy/pEuOUfkkV1514QDHIUhHEFHpCWdPpq43krIgQW66rwSAx3fCGnK/
pnof3NQWf98U+SB6KPsDcJUGFnR6HK+oOxiBHsVy2xPlCE+RRh2xxRM/UGhQ6U8k
PGbldkvwM2lby7P03FNivUUYc9C+NAzWUGE74Qse89rFoZC2rEeE8/Xj0DU4UFjF
FdW2rSfkQ/hEtF4m5dbS/+GdLwgvZzy5oSI5QRzbdLdAjnqWFQiqoZat3ZU8MqQG
rjKY/7Ph2lwNag5xqOsR0jobDhgLI+ofDmSl6jBHzuCWvsf4CwXuv4LmhoKo0Rzc
F6vxkjAOwvFxVUFnJnuBF+rVFUBE6UN38n7FDvni1nQk4/O99HpjjWENkbvZ/1LS
4+08uzv2t7GIvNsuvqh/b4Pz+69JlDbSnQ381gHvSr+P4Muyj0ZEHbsmGaxdkKfD
G6rk7BJpFA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGwtZ9OZT+HT4xiSnJ3W/J1MMHjdB
B2UaDfv+dbmDDpoR08MuzApvMp1FkLwhEVDRq2QgZmCjY5orxSK4H+q9Eg==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 99565307605568595777817105813741277632
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi RSA Domain Validation Secure Server CA 3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.boisdalain.fr'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				00041b0b59f4e653f874f8c624a72775bf27530c1e374107651a0dfbfe75b9830e9a11d3c32ecc0a6f329d4590bc211150d1ab64206660a3639a2bc522b81feabd12
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 811192de6632a5b05b333d654385fcd4042df1ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ca0ef49c1a5bf8b191de693210d26622f2019393
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.boisdalain.fr'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							0166007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018c94208b540000040300473045022100c11c60d9698b71b5a2543a0b75c4c2c1a7496536322a93eed8f6e2961d122e7202201d879b973c3dde222c2825fda7f79b2d9c019f6dca8f91e5637184fb20aaf509007500a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018c94208b50000004030046304402205ac8db49c899b34ea6403cfae4aa204f74137d8970eb04576afc8ea21a72653c022069faee97888f01131bbfce25afa611520023cc7cdf3990e25d5f9f1c6a4ac6d60075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c94208b31000004030046304402201bc11287721423a50c177ba2f356d3145d507dde34c4e5e28db17a6cef27d4e9022042cf96a7a7cfc8bb4167896bcd268cebe9149b383474ae2188b1ecb01fb92dd0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		0058fbcc9f1cba3adb21d00951bd5bd284d042bee0e85e8da7f131384a142b323c4d3e0037ccab4b555563cee51de25e591cbfa44b8e51f924575e75e100c72148471051e909674fa6ae3792b220416ebaaf0480c777c21a72bfa67a1fdcd4167fdf14f9207a28fb0370950616747a1cafa83b18811ec572db13e5084f91461db1c5133f506850e94f243c66e5764bf033695bcbb3f4dc5362bd451873d0be340cd650613be10b1ef3dac5a190b6ac4784f3f5e3d035385058c515d5b6ad27e443f844b45e26e5d6d2ffe19d2f082f673cb9a12239411cdb74b7408e7a961508aaa196addd953c32a406ae3298ffb3e1da5c0d6a0e71a8eb11d23a1b0e180b23ea1f0e64a5ea3047cee096bec7f80b05eebf82e68682a8d11cdc17abf192300ec2f171554167267b8117ead5154044e94377f27ec50ef9e2d67424e3f3bdf47a638d610d91bbd9ff52d2e3ed3cbb3bf6b7b188bcdb2ebea87f6f83f3fbaf499436d29d0dfcd601ef4abf8fe0cbb28f46441dbb2619ac5d90a7c31baae4ec126914