portal.firstnetexchange.com
Issued by RapidSSL SHA256 CA - G4
About this certificate
This digital certificate with serial number 28:a8 was issued on by GeoTrust Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=portal.firstnetexchange.com,OU=GT51582995+OU=See www.rapidssl.com/resources/cps (c)15+OU=Domain Control Validated - RapidSSL(R)
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 28:a8Serial Number (int): 10408
Serial Number lenght: 14 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: f3:b5:56:0c:c4:09:b0:b4:cf:1f:aa:f9:dd:23:56:f0:77:e8:a1:f9
Fingerprint (sha1): 7b:17:e1:c5:f6:89:4c:83:67:08:1e:93:56:46:78:fb:98:9c:16:dd
Fingerprint (sha256): 22:63:76:82:ed:85:f9:37:ca:d3:ae:7e:9d:a7:fd:11:20:b5:55:05:7f:7f:5b:67:69:6c:cc:38:82:32:1d:c4
Issuing Certificate URL: http://gz.symcb.com/gz.crt
Revocation information
OCSP Server: http://gz.symcd.comCRL Distribution Point: http://gz.symcb.com/gz.crl
Check the revocation status for certificate portal.firstnetexchange.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for portal.firstnetexchange.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
portal.firstnetexchange.com
Other certificates including the domain name firstnetexchange.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for portal.firstnetexchange.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEuDCCA6CgAwIBAgICKKgwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UEBhMCVVMx FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xIDAeBgNVBAMTF1JhcGlkU1NMIFNIQTI1 NiBDQSAtIEc0MB4XDTE1MTAxMzE3NDEyOVoXDTE4MDExNDEwMzk0MVowgZ8xEzAR BgNVBAsTCkdUNTE1ODI5OTUxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29t L3Jlc291cmNlcy9jcHMgKGMpMTUxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZh bGlkYXRlZCAtIFJhcGlkU1NMKFIpMSQwIgYDVQQDExtwb3J0YWwuZmlyc3RuZXRl eGNoYW5nZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEW5pg YAmATfAVuPA3Gd77uiMycuJnqQTU6H8YUdSQYLrJv8zqp/QWrhZngEIR7ROoZ4qh 9HoaWW09JMYFKUquv6Hv1chO5mjX5QNjsrdMwgY9d+ioS+1r0tXf/cJM4HjBAigq FKgWQBToob0wrcn5JJwifNCCYELloM4ovdQms5vSY/ar2fEvrV4IjLbObfEMMZW9 OCnjQolaZpG7C0Lh5S+kbzAlekmsf39b6/N8w+Pg77OJvdhNwj0/dSpiuNIOoYiV qMuhfTWThjxwLXCJJEpJQHLjbGR+AI7TlmLzHZBg6EGzwMxoE5kxL/Vhj3lXiOcM C1RGKGoZMlzJm47DAgMBAAGjggFTMIIBTzAfBgNVHSMEGDAWgBTztVYMxAmwtM8f qvndI1bwd+ih+TBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9n ei5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9nei5zeW1jYi5jb20vZ3ou Y3J0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwJgYDVR0RBB8wHYIbcG9ydGFsLmZpcnN0bmV0ZXhjaGFuZ2UuY29tMCsGA1Ud HwQkMCIwIKAeoByGGmh0dHA6Ly9nei5zeW1jYi5jb20vZ3ouY3JsMAwGA1UdEwEB /wQCMAAwQQYDVR0gBDowODA2BgZngQwBAgEwLDAqBggrBgEFBQcCARYeaHR0cHM6 Ly93d3cucmFwaWRzc2wuY29tL2xlZ2FsMA0GCSqGSIb3DQEBCwUAA4IBAQArwmMX QaDNBaLV75PaVSFkdS7pxIHIiq1ZZTIogi5kJGtKDmiK0U1cfkRSNlzcWiz3DYCc nG/iVUZgGyZag9vdbP4Vdw7grCPsgBhGhGxqos6Z+K3I+L0cmBCJzOyUDmXqtsLE sDM/UjsHfbprpvjiN+/fMNDyxd3IlDrq9MK4EhA094zKr4OdqgVIOjX7dwiMAmgp AGNGs6RSD0wXRal6wmwjKh/rvtnrOtTml8qCC3pCYMRBNtr7Sik/42WsJBZ2vrGK 3DpPDMbI52t12NOlHJdnzDZRN2af6ebN2x3URJSrJbszSOlyZb7BEX1jkyTy+/fA ZW7256aMsJ8+KMx5 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFuaYGAJgE3wFbjwNxne +7ojMnLiZ6kE1Oh/GFHUkGC6yb/M6qf0Fq4WZ4BCEe0TqGeKofR6GlltPSTGBSlK rr+h79XITuZo1+UDY7K3TMIGPXfoqEvta9LV3/3CTOB4wQIoKhSoFkAU6KG9MK3J +SScInzQgmBC5aDOKL3UJrOb0mP2q9nxL61eCIy2zm3xDDGVvTgp40KJWmaRuwtC 4eUvpG8wJXpJrH9/W+vzfMPj4O+zib3YTcI9P3UqYrjSDqGIlajLoX01k4Y8cC1w iSRKSUBy42xkfgCO05Zi8x2QYOhBs8DMaBOZMS/1YY95V4jnDAtURihqGTJcyZuO wwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10408 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-10-13 17:41:29 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-14 10:39:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT51582995' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.rapidssl.com/resources/cps (c)15' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated - RapidSSL(R)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'portal.firstnetexchange.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24787878912504736663388629291773075063099986121786219972312987751270861753101574632416234324263511419939620283462634674807367660929442791141319403657215544173992726747710141277832350898521771977472425292848164979864123497997726216230089756300936908257890627569456579524796317925167068031062208665110910174257258119258045956667184008602105016898321573669531649046549737630327542653934554377130321711128876760702793876218717599284581389292965645648716954319203465179938072832382269237592387443987245858672315275196531206854452955541394115280915855145570138361892816797854883684244327766679026410656510695123327125262019 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f3b5560cc409b0b4cf1faaf9dd2356f077e8a1f9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.firstnetexchange.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002bc2631741a0cd05a2d5ef93da552164752ee9c481c88aad59653228822e64246b4a0e688ad14d5c7e4452365cdc5a2cf70d809c9c6fe25546601b265a83dbdd6cfe15770ee0ac23ec801846846c6aa2ce99f8adc8f8bd1c981089ccec940e65eab6c2c4b0333f523b077dba6ba6f8e237efdf30d0f2c5ddc8943aeaf4c2b8121034f78ccaaf839daa05483a35fb77088c026829006346b3a4520f4c1745a97ac26c232a1febbed9eb3ad4e697ca820b7a4260c44136dafb4a293fe365ac241676beb18adc3a4f0cc6c8e76b75d8d3a51c9767cc365137669fe9e6cddb1dd44494ab25bb3348e97265bec1117d639324f2fbf7c0656ef6e7a68cb09f3e28cc79