sonata-lingerie.com
Issued by Thawte DV SSL CA
About this certificate
This digital certificate with serial number 20:8a:b7:ef:9a:e8:cb:37:00:4b:53:cc:fa:4e:f2:35 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Compliant certificates must not encode explicitTest as an IA5String (RFC 6818: 3)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=sonata-lingerie.com
Thawte, Inc.
Organization:
Thawte, Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 20:8a:b7:ef:9a:e8:cb:37:00:4b:53:cc:fa:4e:f2:35Serial Number (int): 43255563496025545268149185533635916341
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ab:44:e4:5d:ec:83:c7:d9:c0:85:9f:f7:e1:c6:97:90:b0:8c:3f:98
Fingerprint (sha1): 2a:2a:36:01:96:98:11:b1:89:8b:67:df:33:e0:cb:fe:af:9f:59:37
Fingerprint (sha256): 21:f0:f0:7d:64:3a:71:90:84:bd:a9:cb:56:61:18:0f:22:22:14:93:a4:c9:e3:c2:72:ba:a3:ff:69:91:23:79
Issuing Certificate URL: http://tc.symcb.com/tc.crt
Revocation information
OCSP Server: http://tc.symcd.comCRL Distribution Point: http://tc.symcb.com/tc.crl
Check the revocation status for certificate sonata-lingerie.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sonata-lingerie.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sonata-lingerie.com
Other certificates including the domain name sonata-lingerie.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for sonata-lingerie.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEdDCCA1ygAwIBAgIQIIq375royzcAS1PM+k7yNTANBgkqhkiG9w0BAQUFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe Fw0xNDA3MTAwMDAwMDBaFw0xNTA4MDkyMzU5NTlaMB4xHDAaBgNVBAMUE3NvbmF0 YS1saW5nZXJpZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx RyyADDXJkUBW4nnlZQEvLrYJY+p96btDJTKMV1adHgOmsZuPUHUILDxPkUHi4ooO 7KHKQAFutQ7VhxsaaJhWfffWR7L5Cby5zWwM1MBlFRwSVEDwxD6juGfHzQkryKKH LvWghqRRcU46ZRpcsk2Ln/FR1eNGsyiNV/CZQ/Z8Af2jLlzhLuUZi3PuRNLSdkNZ sQo6G4xsXN1q/EVbXuXCAqU0PzPSyZuWKwFtjKTwrTbK4iTdaGHQYaCxY80SK8gE mlUioruD/70yypu49FWoEBJ5lYa7u02p4Geg269UciGFzrOOECLWvQsqhHBaOj/i GQRz339M0X3cFTf5NuUPAgMBAAGjggFsMIIBaDAeBgNVHREEFzAVghNzb25hdGEt bGluZ2VyaWUuY29tMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDov L3RjLnN5bWNiLmNvbS90Yy5jcmwwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEww IwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwIC MBkWF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFKtE5F3sg8fZ wIWf9+HGl5CwjD+YMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8v dGMuc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdGMuc3ltY2IuY29tL3Rj LmNydDANBgkqhkiG9w0BAQUFAAOCAQEAdruCvO+ro2VoHTUc8X17f87MjdHDMBz9 IMckKXvhx2oO6nSGoHcIjAyKQ6ktQIEb6PrMNfiN4z+YSJ/78GqSeGHvMZbYbxbR nRCkXLInxmhztP3E1wrFvFIHo8REklwysXidihMI64z3oKp50i096WatjNtE6Oq4 zux3XtYFiO+aNXHuJaVtoapoeTwcue3DnXz2rphApbh5zyJ7td0nmPtdDN9A/ZD+ gwycBhGchpYQckRVfXVxfHRwjjsu8mesAiKZ4jwTAyhDzd1HwYPcTYHumFY6QiKO 0VGv2kdfzBi/ao1YOfKKXq+mYb5j3h6idjCdFA6omd+J7XwXm6hZ2w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUcsgAw1yZFAVuJ55WUB Ly62CWPqfem7QyUyjFdWnR4DprGbj1B1CCw8T5FB4uKKDuyhykABbrUO1YcbGmiY Vn331key+Qm8uc1sDNTAZRUcElRA8MQ+o7hnx80JK8iihy71oIakUXFOOmUaXLJN i5/xUdXjRrMojVfwmUP2fAH9oy5c4S7lGYtz7kTS0nZDWbEKOhuMbFzdavxFW17l wgKlND8z0smblisBbYyk8K02yuIk3Whh0GGgsWPNEivIBJpVIqK7g/+9MsqbuPRV qBASeZWGu7tNqeBnoNuvVHIhhc6zjhAi1r0LKoRwWjo/4hkEc99/TNF93BU3+Tbl DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 43255563496025545268149185533635916341 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte DV SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-07-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-08-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'sonata-lingerie.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22379277102087372971714890930898849673769807111255558981195177629581213463772958497544674306313662712095762026188169843070859396338875480634953156218698710115971855806869371221516483299083578480635085363994353172539160908864544695588385022563516976243356965418989622622514485673239165809129225011777846240911788650528339597138746436223155270478053069264804929225786457496810907824526545918520141709004713992132560689095472792875364397100925101775062965820045870799832574383612533854994840175374703205221385975559391364565061578225902570470683535370717167761765289065128641996576658678210440284467081043092442113828111 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonata-lingerie.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tc.symcb.com/tc.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ab44e45dec83c7d9c0859ff7e1c69790b08c3f98 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tc.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tc.symcb.com/tc.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0076bb82bcefaba365681d351cf17d7b7fcecc8dd1c3301cfd20c724297be1c76a0eea7486a077088c0c8a43a92d40811be8facc35f88de33f98489ffbf06a927861ef3196d86f16d19d10a45cb227c66873b4fdc4d70ac5bc5207a3c444925c32b1789d8a1308eb8cf7a0aa79d22d3de966ad8cdb44e8eab8ceec775ed60588ef9a3571ee25a56da1aa68793c1cb9edc39d7cf6ae9840a5b879cf227bb5dd2798fb5d0cdf40fd90fe830c9c06119c8696107244557d75717c74708e3b2ef267ac022299e23c13032843cddd47c183dc4d81ee98563a42228ed151afda475fcc18bf6a8d5839f28a5eafa661be63de1ea276309d140ea899df89ed7c179ba859db