ra.otpbank.com.ua

- JSC OTP Bank -

Issued by Thawte SSL CA

About this certificate

This digital certificate with serial number 4f:f3:4f:52:3b:f6:cb:09:91:c3:41:36:c4:1f:93:0d was issued on by Thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

JSC OTP Bank

Organization: JSC OTP Bank
Organization unit: IT Security
State / Province: Kiev
Locality: Kiev
Country: UA

Thawte, Inc.

Organization: Thawte, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4f:f3:4f:52:3b:f6:cb:09:91:c3:41:36:c4:1f:93:0d
Serial Number (int): 106272348629258301872777430366139945741
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId:

Fingerprint (sha1): 68:e3:bb:78:da:99:90:74:df:8f:22:d5:a6:74:69:e3:c6:98:c8:28
Fingerprint (sha256): 22:60:39:9f:1a:4a:3c:d7:e1:45:50:e0:74:79:58:c1:de:65:0c:0e:71:72:fb:d8:b1:00:91:1f:0d:c3:84:a1


Revocation information

OCSP Server: http://ocsp.thawte.com
CRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl

Check the revocation status for certificate ra.otpbank.com.ua

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ra.otpbank.com.ua

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Extended Key Usages

Server Authentication
Client Authentication

Extensions

4 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name otpbank.com.ua

(limited to 100 certificates)
ra.otpbank.com.ua
bpmmarketiis.otpbank.com.ua
ra.otpbank.com.ua
ua.otpbank.com.ua
chatclb.otpbank.com.ua
www.otpbank.com.ua
livechat.otpbank.com.ua
www.otpbank.com.ua
ra.otpbank.com.ua
ua.otpbank.com.ua
*.otpbank.com.ua
ua.otpbank.com.ua
gateway.otpbank.com.ua
tender.otpbank.com.ua
ibank.otpbank.com.ua
www.otpbank.com.ua
gateway.otpbank.com.ua
uaafasttack.otpbank.com.ua
rdweb.otpbank.com.ua
chatclb.otpbank.com.ua
ibank.otpbank.com.ua
*.otpbank.com.ua
www.otpbank.com.ua
ibank.otpbank.com.ua
lmsmoco.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
gw.otpbank.com.ua
ibank.otpbank.com.ua
gw.otpbank.com.ua
rdweb.otpbank.com.ua
ua.otpbank.com.ua
uaafasttacktst.otpbank.com.ua
rdweb.otpbank.com.ua
ua.otpbank.com.ua
livechat.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
*.otpbank.com.ua
chatclb.otpbank.com.ua
mailgw02.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
uaafasttacktst.otpbank.com.ua
uaanginxprod.otpbank.com.ua
www.otpbank.com.ua
storage.otpbank.com.ua
chatclb.otpbank.com.ua
*.otpbank.com.ua
broker.otpbank.com.ua
www.otpbank.com.ua
uaaspamedge.otpbank.com.ua
ua.otpbank.com.ua
rdweb.otpbank.com.ua
ibank.otpbank.com.ua
livechat.otpbank.com.ua
broker.otpbank.com.ua
uaaspamedge01.otpbank.com.ua
www.otpbank.com.ua
chatclb.otpbank.com.ua
www.otpbank.com.ua
own.otpbank.com.ua
www.otpbank.com.ua
ua.otpbank.com.ua
ua.otpbank.com.ua
mailgw02.otpbank.com.ua
www.otpbank.com.ua
chatclb.otpbank.com.ua
uaaspamedge02.otpbank.com.ua
storage.otpbank.com.ua
www.otpbank.com.ua
ua.otpbank.com.ua
www.otpbank.com.ua
own.otpbank.com.ua
www.otpbank.com.ua
www.otpbank.com.ua
own.otpbank.com.ua
sip.otpbank.com.ua
livechat.otpbank.com.ua
ibankpilot.otpbank.com.ua
ua.otpbank.com.ua
www.otpbank.com.ua

Certificate

The complete raw certificate details for ra.otpbank.com.ua in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIID2zCCAsOgAwIBAgIQT/NPUjv2ywmRw0E2xB+TDTANBgkqhkiG9w0BAQUFADA8
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U
aGF3dGUgU1NMIENBMB4XDTEyMDEwNTAwMDAwMFoXDTE0MDEwNDIzNTk1OVowdDEL
MAkGA1UEBhMCVUExDTALBgNVBAgTBEtpZXYxDTALBgNVBAcUBEtpZXYxFTATBgNV
BAoUDEpTQyBPVFAgQmFuazEUMBIGA1UECxQLSVQgU2VjdXJpdHkxGjAYBgNVBAMU
EXJhLm90cGJhbmsuY29tLnVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3D9OGdoufNXnIC6A0zogoxrI4y94MCdXGY9K25+rFZKAqg1ytKvx6a22AoaA
syfvoRHoVwdLmcDtAXAglghop8BlbW0mWeSSATK8334AAHhgXvb8Ii/NdauFh9m5
qanShHwJ6HWZTJSgeOUxrWCg0dfvKRC5C7TrOG8xx+gseS4ieC3uV4bTQw5HYVFA
vCnUv9lr3eTEng493qnLAqm5w06xVj9Q0Rfcg1x1eMUSSJFlsLbcifgYk4kVZMRL
T9WLu0jA7z4fPmXt9Hchk4cnsAwWrZy9Vba4/walYh5m0fS51qN4TVUqx2PB/Gfp
uXtNW0KJJF4oP4Lp0+qkrAsNZwIDAQABo4GgMIGdMAwGA1UdEwEB/wQCMAAwOgYD
VR0fBDMwMTAvoC2gK4YpaHR0cDovL3N2ci1vdi1jcmwudGhhd3RlLmNvbS9UaGF3
dGVPVi5jcmwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDIGCCsGAQUF
BwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AudGhhd3RlLmNvbTANBgkq
hkiG9w0BAQUFAAOCAQEAVLCengoW1ZbbytG+OtjX8eGUxkUEcMQ+vmvv6vmxFMt6
iyaOO7urmzl/xhiymZhvfX9cL+sC+SR2Xa41ii+LZbuKWWY3nj6t+DK3qCynAwJi
QaPmTaPfK1hkqU0eqnIwmcH95ZTFSCMw4evPKmmzfgz+dmMCcjnzeujoCB4EfPd6
ds61hN8tM8oB/5sY1wHoryn94g/AHJxftfx430rDEXPqBBGEGnMlfn9o9hBdbOOO
iGHq2R+ca1TQM+FDHCBd+jGObfd8/KM6tjfW8KtsUOSsScbbMZV/p2u33Bj4Qe15
ry4MRznVsBpGbTmbNZaFG87iJGOszRWgU1HeCsWyGA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3D9OGdoufNXnIC6A0zog
oxrI4y94MCdXGY9K25+rFZKAqg1ytKvx6a22AoaAsyfvoRHoVwdLmcDtAXAglgho
p8BlbW0mWeSSATK8334AAHhgXvb8Ii/NdauFh9m5qanShHwJ6HWZTJSgeOUxrWCg
0dfvKRC5C7TrOG8xx+gseS4ieC3uV4bTQw5HYVFAvCnUv9lr3eTEng493qnLAqm5
w06xVj9Q0Rfcg1x1eMUSSJFlsLbcifgYk4kVZMRLT9WLu0jA7z4fPmXt9Hchk4cn
sAwWrZy9Vba4/walYh5m0fS51qN4TVUqx2PB/GfpuXtNW0KJJF4oP4Lp0+qkrAsN
ZwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 106272348629258301872777430366139945741
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-01-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-01-04 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Kiev'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Kiev'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'JSC OTP Bank'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'IT Security'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'ra.otpbank.com.ua'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27803643991924228776072783297773318955767467380979747058285543229851498328048803145419639973027476344418502039521211190643459634693353526655912706888995913508344401707983572390257069362610756190071684895779405175716736518953496042866392029391417197791581420092438033492021887223189586366178540475852223029374280852093982783669563816647817434811025660358522187655270855708829320193862801070137265015630913418913197943261281785520455001613840571310897609468878527461061431445359678296269386189693060200959127748338127519660459084032342087696095569797654940979158912710474218820670975449688675887419076498847863073869159
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0054b09e9e0a16d596dbcad1be3ad8d7f1e194c6450470c43ebe6befeaf9b114cb7a8b268e3bbbab9b397fc618b299986f7d7f5c2feb02f924765dae358a2f8b65bb8a5966379e3eadf832b7a82ca703026241a3e64da3df2b5864a94d1eaa723099c1fde594c5482330e1ebcf2a69b37e0cfe7663027239f37ae8e8081e047cf77a76ceb584df2d33ca01ff9b18d701e8af29fde20fc01c9c5fb5fc78df4ac31173ea0411841a73257e7f68f6105d6ce38e8861ead91f9c6b54d033e1431c205dfa318e6df77cfca33ab637d6f0ab6c50e4ac49c6db31957fa76bb7dc18f841ed79af2e0c4739d5b01a466d399b3596851bcee22463accd15a05351de0ac5b218