mail.kicc.co.ke

Issued by Intermediate Certificate DV SSL CA

About this certificate


This digital certificate with serial number 0a:d1 was issued on by Intermediate Certificate .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

mail.kicc.co.ke

Organization unit: GT78956351

Intermediate Certificate

Organization: Intermediate Certificate
Organization unit: Domain Validated SSL

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:d1
Serial Number (int): 2769
Serial Number lenght: 12 bits, 2 octets

SubjectKeyId: e4:04:e1:fc:ac:e2:60:ba:3e:4c:79:26:ac:05:f6:bf:ff:62:4a:b1
AuthorityKeyId: 2b:46:ad:c8:d6:87:ed:cc:90:04:0c:62:a1:57:3f:fb:6e:86:18:a0

Fingerprint (sha1): 56:b7:66:ea:3f:34:de:05:e1:7b:8d:90:cd:4e:a6:af:0a:b9:a7:85
Fingerprint (sha256): b3:72:00:e2:aa:d3:39:8e:ab:23:01:da:aa:dd:b9:9f:2f:1d:6d:6e:7b:e6:c7:44:56:f6:a1:eb:d8:f8:5b:d2

Issuing Certificate URL: http://ica-aia.digitalcertvalidation.com/ica.crt

Revocation information

OCSP Server: http://ica-ocsp.digitalcertvalidation.com
CRL Distribution Point: http://ica-crl.digitalcertvalidation.com/crls/ica.crl

Check the revocation status for the current certificate on mail.kicc.co.ke
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: mail.kicc.co.ke

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgICCtEwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCTkwx ITAfBgNVBAoTGEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTEdMBsGA1UECxMURG9t YWluIFZhbGlkYXRlZCBTU0wxKzApBgNVBAMTIkludGVybWVkaWF0ZSBDZXJ0aWZp Y2F0ZSBEViBTU0wgQ0EwHhcNMTMwODE5MTgxMDA4WhcNMTQwODIzMDgwMTA0WjAv MRMwEQYDVQQLEwpHVDc4OTU2MzUxMRgwFgYDVQQDEw9tYWlsLmtpY2MuY28ua2Uw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYKGJUWJgOZUMD9twtp+Kl 0mztJmswTij/1RKpf5U8ys61+QUYhT8laSzVyErAOAD2ysRxjf/55vXedtxmt2h2 rSSJvsXu1GVG1uxugXEyJ/UDaY9D3EYZHUqfIP6fkpycbN1PpD8I6hXVAo8p8LKx hTOD4nngKKUJxW1KsYscMFEe7W5lcNNHOXeYcWea188BN03avGU5kpvfMhztll+e tnaK2R8dI0ZKvYciblxxtI4XOj9YE01nch166WsWmuT0MPE7t52CEUHW/QKB5pcA Lxis+GQIkG8mU7d6ysyqwK/Alqp5p7nMV+dwAblQB2PvtMRb/RionzbpnecvNSQ7 AgMBAAGjggG5MIIBtTAfBgNVHSMEGDAWgBQrRq3I1oftzJAEDGKhVz/7boYYoDCB gwYIKwYBBQUHAQEEdzB1MDUGCCsGAQUFBzABhilodHRwOi8vaWNhLW9jc3AuZGln aXRhbGNlcnR2YWxpZGF0aW9uLmNvbTA8BggrBgEFBQcwAoYwaHR0cDovL2ljYS1h aWEuZGlnaXRhbGNlcnR2YWxpZGF0aW9uLmNvbS9pY2EuY3J0MA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGgYDVR0RBBMwEYIP bWFpbC5raWNjLmNvLmtlMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9pY2EtY3Js LmRpZ2l0YWxjZXJ0dmFsaWRhdGlvbi5jb20vY3Jscy9pY2EuY3JsMB0GA1UdDgQW BBTkBOH8rOJguj5MeSasBfa//2JKsTAMBgNVHRMBAf8EAjAAMEwGA1UdIARFMEMw QQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0 LmNvbS9yZXNvdXJjZXMvY3BzMA0GCSqGSIb3DQEBBQUAA4IBAQDNymPtzjQ2NIH0 zi6nuM9jtD4uyqSWpBAqalVqB66RLaZkGXAuoUmfCdMHf1ZpG27eakRsG7OX+XKz E0Xv9ff9nC/X+j8puHfcmymsThO8mAcCuGmWde1vhQFPkgd7YxCu7yI52yYOhqYz mXYdh+4hJXcHP/0pOLskbft8aJGtf0GdFsD71l2tLVvXaK7f4+vXDRC9iIKVDQqz zvTkYHNh/Im2gLAENKeiWuXHCLGe7R3L40andHvYO6nHjJWRGaPYqtONRVhi/VBh CWwTXwQ+2ATS/EDXdKiOlptGWD56EG2pJ4fJyvVTVxi196xiMP1Rp+A+2rt6c2PQ JG2Kko97 -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ChiVFiYDmVDA/bcLafi pdJs7SZrME4o/9USqX+VPMrOtfkFGIU/JWks1chKwDgA9srEcY3/+eb13nbcZrdo dq0kib7F7tRlRtbsboFxMif1A2mPQ9xGGR1KnyD+n5KcnGzdT6Q/COoV1QKPKfCy sYUzg+J54CilCcVtSrGLHDBRHu1uZXDTRzl3mHFnmtfPATdN2rxlOZKb3zIc7ZZf nrZ2itkfHSNGSr2HIm5ccbSOFzo/WBNNZ3IdeulrFprk9DDxO7edghFB1v0CgeaX AC8YrPhkCJBvJlO3esrMqsCvwJaqeae5zFfncAG5UAdj77TEW/0YqJ826Z3nLzUk OwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2769 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Intermediate Certificate' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Intermediate Certificate DV SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-08-19 18:10:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-08-23 08:01:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT78956351' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.kicc.co.ke' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27287388014351653499180944805869083721891745471202327345572362158018173548574384517637290379437221194095666503225675378847149295260248911729921207000961538837637007626366595403157513060948466774597369517703008495102590799804719025009566554566863200405626861853573660295262197678805285931537568988338143816676335183009224086476050327288540052888152307507474648387245051748244780105828847113170687250138543617408570699723160751779765112691881641392174874237944841058142158796471545085392051853517470257215719183570129086528701685326919766441142070400422765333174440581370776173897475988756267910764166441941135227429947 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2b46adc8d687edcc90040c62a1573ffb6e8618a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ica-ocsp.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ica-aia.digitalcertvalidation.com/ica.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.kicc.co.ke' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ica-crl.digitalcertvalidation.com/crls/ica.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e404e1fcace260ba3e4c7926ac05f6bfff624ab1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00cdca63edce34363481f4ce2ea7b8cf63b43e2ecaa496a4102a6a556a07ae912da66419702ea1499f09d3077f56691b6ede6a446c1bb397f972b31345eff5f7fd9c2fd7fa3f29b877dc9b29ac4e13bc980702b8699675ed6f85014f92077b6310aeef2239db260e86a63399761d87ee212577073ffd2938bb246dfb7c6891ad7f419d16c0fbd65dad2d5bd768aedfe3ebd70d10bd8882950d0ab3cef4e4607361fc89b680b00434a7a25ae5c708b19eed1dcbe346a7747bd83ba9c78c959119a3d8aad38d455862fd5061096c135f043ed804d2fc40d774a88e969b46583e7a106da92787c9caf5535718b5f7ac6230fd51a7e03edabb7a7363d0246d8a928f7b