aovpn.cma.gov.uk
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 02:51:30:47:0f:b9:f5:e1:5f:24:f1:37:de:9b:78:ec was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=aovpn.cma.gov.uk
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:51:30:47:0f:b9:f5:e1:5f:24:f1:37:de:9b:78:ecSerial Number (int): 3080011222838754137777374763853510892
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: f4:48:df:07:08:47:a9:27:c7:e4:a8:44:6a:79:ff:39:a1:d0:8a:43
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 4d:e8:e6:bc:8f:18:b7:36:9e:03:9f:e6:01:57:59:54:66:10:32:0a
Fingerprint (sha256): 25:2a:74:d4:1a:f1:8f:6b:72:eb:3c:c7:71:78:ec:2d:43:03:9a:42:b5:dd:43:9d:e5:17:87:3a:e1:9e:86:2c
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate aovpn.cma.gov.uk
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aovpn.cma.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aovpn.cma.gov.uk
Other certificates including the domain name cma.gov.uk
(limited to 100 certificates)
access01.cma.gov.uk
*.cma.gov.uk
sts.cma.gov.uk
lyweb01.cma.gov.uk
aovpn.cma.gov.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sftp-dfis.cma.gov.uk
mail.cma.gov.uk
access01.cma.gov.uk
access02.cma.gov.uk
access02.cma.gov.uk
mail.cma.gov.uk
sts.cma.gov.uk
*.cma.gov.uk
aovpn.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
mail.cma.gov.uk
aovpn.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
data.cma.gov.uk
lyweb01.cma.gov.uk
lyweb01.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
lyweb01.cma.gov.uk
aovpn.cma.gov.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
mail.cma.gov.uk
vpn.cmaonline.org.uk
vpn.cmaonline.org.uk
sftp-dfis.cma.gov.uk
mail.cma.gov.uk
access01.cma.gov.uk
access02.cma.gov.uk
access02.cma.gov.uk
mail.cma.gov.uk
sts.cma.gov.uk
*.cma.gov.uk
aovpn.cma.gov.uk
sts.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
mail.cma.gov.uk
aovpn.cma.gov.uk
vpn.cmaonline.org.uk
*.cma.gov.uk
sts.cma.gov.uk
data.cma.gov.uk
lyweb01.cma.gov.uk
lyweb01.cma.gov.uk
vpn.cmaonline.org.uk
Certificate
The complete raw certificate details for aovpn.cma.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEujCCA6KgAwIBAgIQAlEwRw+59eFfJPE33pt47DANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0xOTA1MDgwMDAwMDBaFw0yMTA1MDcxMjAwMDBaMBsxGTAXBgNVBAMTEGFvdnBu LmNtYS5nb3YudWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8/cXj k7RrefXQRFCmdUN4ZBBqQCb99p6J4xtpfEMaPY/8keM6eH8zYPFs4/HpXDU7t82x 74FP0bTjE54Rs7QbY1ox0Ipw8+UKMyckxzlJWD8kUyEWatkmmJSAT7k+8YaopZ69 5DS/XgBsAwVkWAfmuqCNTbGyfgHtmRdhWm4mbdf2ctFZp92oYgkLLaJs+U6NG7ia VpoFhsfBvadSg/W+F9M3I4qbiibjrsoVy/tpDa4MTywiGyYg0ObinUCfblcubFA5 NYzgX4D0roD5IQT2WrVH/tQbka+kckaTFExwz//Mz3AUPAuC/nfEPo+fq1hTONZu juzg003PRQKHlnzhAgMBAAGjggG1MIIBsTAfBgNVHSMEGDAWgBSQWP+wnHWoUVR3 se3yo0MWOJ5sxTAdBgNVHQ4EFgQU9EjfBwhHqSfH5KhEann/OaHQikMwGwYDVR0R BBQwEoIQYW92cG4uY21hLmdvdi51azAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9j ZHAuZ2VvdHJ1c3QuY29tL0dlb1RydXN0UlNBQ0EyMDE4LmNybDBMBgNVHSAERTBD MDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy dC5jb20vQ1BTMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwJgYIKwYBBQUHMAGG Gmh0dHA6Ly9zdGF0dXMuZ2VvdHJ1c3QuY29tMD0GCCsGAQUFBzAChjFodHRwOi8v Y2FjZXJ0cy5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3J0MAkGA1Ud EwQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAI8i MJD+WtJt+Mp11IeRq+eLTlfCNSZ1PbXSChT6ZOWT54BmNTeKat1nP/gTpWKZOnEi H/y2xlR/38sRTjmc9UmMjCZx40P0cbd3JDRALV3QRZtd7aZYRyvHzfN95Nf/TSIv l9Cc0ZLy3hagokdjxg5dWFMFvGTOZO6FkMXxIYCLdKHMoMghQ5k1ZqfQAmI/owjF R+VzZWR95CXZO8Qk6NU8/PvUzpAucKoVgGL6yfjkf21W1QzPL4uEWTS7BHQS92go NASNuGV+G5vPuRfIy5czeuD2lLjZKvJEfa1V3BJiMDLX+Wzf2NvHdnAXKTiaFYdv l7drMPID0smEX5At0AQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP3F45O0a3n10ERQpnVD eGQQakAm/faeieMbaXxDGj2P/JHjOnh/M2DxbOPx6Vw1O7fNse+BT9G04xOeEbO0 G2NaMdCKcPPlCjMnJMc5SVg/JFMhFmrZJpiUgE+5PvGGqKWeveQ0v14AbAMFZFgH 5rqgjU2xsn4B7ZkXYVpuJm3X9nLRWafdqGIJCy2ibPlOjRu4mlaaBYbHwb2nUoP1 vhfTNyOKm4om467KFcv7aQ2uDE8sIhsmINDm4p1An25XLmxQOTWM4F+A9K6A+SEE 9lq1R/7UG5GvpHJGkxRMcM//zM9wFDwLgv53xD6Pn6tYUzjWbo7s4NNNz0UCh5Z8 4QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3080011222838754137777374763853510892 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-05-07 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aovpn.cma.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23857941465828910941907561497728189975400332242350934429145601654637259026772194390323004445362986476467477612728731121259593670491618922991668169326994274929022670095389255551414076041998626806584660383876831194626691826625391461175210069903220765839123955575332225422582018016095470933446744153347236523251951161721759417571303984473693313033431774917442484268350046066875613359707369727822505951941112404471364970569931706864815157868018328372419093385347421142833889573185505703664538461999959517568522730098779039672376984015563057269970037511226569322934567283259627934334445818395459947837208024376887265885409 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f448df070847a927c7e4a8446a79ff39a1d08a43 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aovpn.cma.gov.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008f223090fe5ad26df8ca75d48791abe78b4e57c23526753db5d20a14fa64e593e7806635378a6add673ff813a562993a71221ffcb6c6547fdfcb114e399cf5498c8c2671e343f471b7772434402d5dd0459b5deda658472bc7cdf37de4d7ff4d222f97d09cd192f2de16a0a24763c60e5d585305bc64ce64ee8590c5f121808b74a1cca0c82143993566a7d002623fa308c547e57365647de425d93bc424e8d53cfcfbd4ce902e70aa158062fac9f8e47f6d56d50ccf2f8b845934bb047412f7682834048db8657e1b9bcfb917c8cb97337ae0f694b8d92af2447dad55dc12623032d7f96cdfd8dbc776701729389a15876f97b76b30f203d2c9845f902dd004