khb.sbm.no

Issued by Buypass Class 2 CA 2

About this certificate

This digital certificate with serial number 90:7e:44:de:81:9e:d7:f3:e1:5b was issued on by Buypass AS-983163327.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=khb.sbm.no

Buypass AS-983163327

Organization: Buypass AS-983163327
Country: NO

This certificate will expire on

Certificate Details

Serial Number (hex): 90:7e:44:de:81:9e:d7:f3:e1:5b
Serial Number (int): 682350025832874951041371
Serial Number lenght: 80 bits, 10 octets

SubjectKeyId: ca:fb:af:3e:19:ba:c2:94:4e:c5:78:ba:0a:29:ff:05:7e:da:2e:24
AuthorityKeyId: 92:ad:65:89:b2:00:0f:cb:51:0d:c1:23:ec:94:4e:8f:c1:04:3f:77

Fingerprint (sha1): 67:67:0c:66:c2:28:d1:fb:9c:59:08:69:9f:40:5b:cb:37:e4:c3:e4
Fingerprint (sha256): 27:8b:85:0a:d5:9a:00:3e:24:cc:29:4b:56:4a:d4:d8:57:4b:50:36:b8:9b:8a:0a:ef:bc:57:66:f1:09:24:0e

Issuing Certificate URL: http://crt.buypass.no/crt/BPClass2CA2.cer

Revocation information

OCSP Server: http://ocsp.buypass.com
CRL Distribution Point: http://crl.buypass.no/crl/BPClass2CA2.crl

Check the revocation status for certificate khb.sbm.no

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for khb.sbm.no

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

khb.sbm.no

Other certificates including the domain name sbm.no

(limited to 100 certificates)

Certificate

The complete raw certificate details for khb.sbm.no in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgILAJB+RN6Bntfz4VswDQYJKoZIhvcNAQELBQAwSzELMAkG
A1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MR0wGwYDVQQD
DBRCdXlwYXNzIENsYXNzIDIgQ0EgMjAeFw0yNDA1MTQwNjQ2MjZaFw0yNTA2MDYy
MTU5MDBaMBUxEzARBgNVBAMMCmtoYi5zYm0ubm8wggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQDWhPPJ9YpLxW1WXaDPXoIUrzJEfAy3MiMsA9kH80WJ3Z11
upxJG3DplzxGs35cKznev848N66+RqJZUxGR4lTxX2d4YbZuwfXxRH6WYqAgaYBe
qBeTO90zDPNUGOhnBs/u5DvYc1ak8zXh4cgEiOrLq6CkJyQYWWPJszfC56Ngyhm2
eFmuv7ZFvOCeHfTmJg8Z5XNMaPKa5m23OoDOFOmpA2KhFfpoRDu1DBpzKKqwjJXn
X5bX5QnON023jnQynRU1LIZxX1CR8qIw53rzH2BG828iH2d0FWCKvKaAVkzQcAH6
7xnXMGEy54FDSVyWi1WNZqNDStiYTFPkv/4lbOkAd3HuPLIdgRQ8dy2SGeNXLnI6
DjcMt/sSK/7WVHrwmtq8NNtLQU3I2QVlPpVit7uPXC//Zv79BHqwv0FJkE1nPi/2
0O6g/jaaae1biu45QaovlLwf9o5uIDUaBCO2Edog8BZOUlor7YMRlYp0bQTcMXW9
euoXHGBfBtJ9cnX/Zc7bfZ9/kR36SvRIWAIxSH0RyvKuUsrNiv/8WymmxEMVlJWU
VJWys4tqdt9KWn0FQ7jAsIIoxEI4fl4x5XWH36LN2htmP+LlmYyc9jBgaU5206Q/
YD/wUY3Wgu+hQCHHQfRp8wDdQvd+HOCaW4YbGxLKQv5Zttwz7vmggorL9lvb7QID
AQABo4IBdjCCAXIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSSrWWJsgAPy1EN
wSPslE6PwQQ/dzAdBgNVHQ4EFgQUyvuvPhm6wpROxXi6Cin/BX7aLiQwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSAE
GDAWMAoGCGCEQgEaAQIEMAgGBmeBDAECATA6BgNVHR8EMzAxMC+gLaArhilodHRw
Oi8vY3JsLmJ1eXBhc3Mubm8vY3JsL0JQQ2xhc3MyQ0EyLmNybDAVBgNVHREEDjAM
ggpraGIuc2JtLm5vMGoGCCsGAQUFBwEBBF4wXDAjBggrBgEFBQcwAYYXaHR0cDov
L29jc3AuYnV5cGFzcy5jb20wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQuYnV5cGFz
cy5uby9jcnQvQlBDbGFzczJDQTIuY2VyMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSz7Cn8xWmLAsQ+EvJaQ13OW1ueqvnx0TakcnGXX2+
iUZTHBvudZiK6XcVVebtcz6AHxCmvjndV9IEo3X2fsk/QDkIxW73OQd5VPy2NMsN
vFfeZaLZEMaPhcBkijBQ/cLMJh8+eivJT05j13+dfGvEJUOuWWu8K+sNK45cW8gw
ps95pgWKJjIzvqMgIUaVOrXFRh1vvYdJQnHnfJs1MV7Fb5La3CZf24UMFL/6kw/H
aS/ADgaNK9/jdCN+y2w7WKwU5/rORDxhEicyLrklEYCtWpYbMK8ChkGz5YzS6gwY
MupFq7wKTb9fi8s9mDeXteDw1ZCHkxewwSe+EPuloYuL
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1oTzyfWKS8VtVl2gz16C
FK8yRHwMtzIjLAPZB/NFid2ddbqcSRtw6Zc8RrN+XCs53r/OPDeuvkaiWVMRkeJU
8V9neGG2bsH18UR+lmKgIGmAXqgXkzvdMwzzVBjoZwbP7uQ72HNWpPM14eHIBIjq
y6ugpCckGFljybM3wuejYMoZtnhZrr+2Rbzgnh305iYPGeVzTGjymuZttzqAzhTp
qQNioRX6aEQ7tQwacyiqsIyV51+W1+UJzjdNt450Mp0VNSyGcV9QkfKiMOd68x9g
RvNvIh9ndBVgirymgFZM0HAB+u8Z1zBhMueBQ0lclotVjWajQ0rYmExT5L/+JWzp
AHdx7jyyHYEUPHctkhnjVy5yOg43DLf7Eiv+1lR68JravDTbS0FNyNkFZT6VYre7
j1wv/2b+/QR6sL9BSZBNZz4v9tDuoP42mmntW4ruOUGqL5S8H/aObiA1GgQjthHa
IPAWTlJaK+2DEZWKdG0E3DF1vXrqFxxgXwbSfXJ1/2XO232ff5Ed+kr0SFgCMUh9
EcryrlLKzYr//FsppsRDFZSVlFSVsrOLanbfSlp9BUO4wLCCKMRCOH5eMeV1h9+i
zdobZj/i5ZmMnPYwYGlOdtOkP2A/8FGN1oLvoUAhx0H0afMA3UL3fhzgmluGGxsS
ykL+WbbcM+75oIKKy/Zb2+0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 682350025832874951041371
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NO'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Buypass AS-983163327'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Buypass Class 2 CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 06:46:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-06 21:59:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'khb.sbm.no'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 875162572992496238759499029366995218403711540973863648415298601679435801294703479263005689560775372393750536783030537483649815415119224856644793419550443863098596291147031587581828931598655050876992784743593434780194338931260892866758869040749593480037389890818659131751974409186406923985818394813953753802269271648311200400482530423808343280567221403458113375066244235259047198080886732488815608850964070028697052979662094472151148476155432433975260605472539643210314481580722065700606586176562866322727155516391405637674891040263525924701734228135291103817657853989951525893431957424892555700707333631260891599587217638501691200235080640454076914408736487893651522505147365471571205355107050596409240334965279918563258561092754193382616295573266756211532055464271570329334182747265074601979616974633633700450108720126626279422423991756534819854507742542989596364150196138418275112197669317369032549689932472195760405282036320036267246420764750435309187483725172864927618796150724132123377923378565890426963307252773438088332209797549388137309324949328913782465562178505277902494182136452807553815089217029312638984536923055201912292697724199009975298899723722975162728014026656078256908217485818365001972805531415432623579345968109
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 92ad6589b2000fcb510dc123ec944e8fc1043f77
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cafbaf3e19bac2944ec578ba0a29ff057eda2e24
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.578.1.26.1.2.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.buypass.no/crl/BPClass2CA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khb.sbm.no'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.buypass.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.buypass.no/crt/BPClass2CA2.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0052cfb0a7f315a62c0b10f84bc9690d77396d6e7aabe7c744da91c9c65d7dbe8946531c1bee75988ae9771555e6ed733e801f10a6be39dd57d204a375f67ec93f403908c56ef739077954fcb634cb0dbc57de65a2d910c68f85c0648a3050fdc2cc261f3e7a2bc94f4e63d77f9d7c6bc42543ae596bbc2beb0d2b8e5c5bc830a6cf79a6058a263233bea3202146953ab5c5461d6fbd87494271e77c9b35315ec56f92dadc265fdb850c14bffa930fc7692fc00e068d2bdfe374237ecb6c3b58ac14e7face443c611227322eb9251180ad5a961b30af028641b3e58cd2ea0c1832ea45abbc0a4dbf5f8bcb3d983797b5e0f0d590879317b0c127be10fba5a18b8b