hklegend.net
Issued by Encryption Everywhere DV TLS CA - G1
About this certificate
This digital certificate with serial number 05:9f:bd:39:ca:f1:22:36:9e:25:98:7a:8d:95:f1:a6 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=hklegend.net
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 05:9f:bd:39:ca:f1:22:36:9e:25:98:7a:8d:95:f1:a6Serial Number (int): 7475553133659455110651862226268713382
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 0c:35:37:2a:c6:a4:38:4c:e0:b4:bc:0a:97:e4:d6:f7:a4:84:27:ad
AuthorityKeyId: 55:74:4f:b2:72:4f:f5:60:ba:50:d1:d7:e6:51:5c:9a:01:87:1a:d7
Fingerprint (sha1): 1a:bb:35:f3:76:9e:fc:76:ec:28:aa:c3:fe:eb:71:ee:93:8d:6b:08
Fingerprint (sha256): 30:40:ee:a3:86:59:9c:87:9e:38:ef:9b:10:2b:7d:06:19:9f:b2:94:55:24:0d:a5:86:28:4e:a0:1a:ed:65:f0
Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCheck the revocation status for certificate hklegend.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hklegend.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hklegend.net
*.hklegend.net
*.hklegend.net
Other certificates including the domain name hklegend.net
(limited to 100 certificates)
diendan.hklegend.net
hklegend.net
4rum.hklegend.net
hklegend.net
diendan.hklegend.net
diendan.hklegend.net
diendan.hklegend.net
4rum.hklegend.net
diendan.hklegend.net
diendan.hklegend.net
ww17.home.hklegend.net
britishindiaassociation.com
hklegend.net
4rum.hklegend.net
hklegend.net
4rum.hklegend.net
4rum.hklegend.net
hklegend.net
diendan.hklegend.net
creationsunifit.com
hklegend.net
hklegend.net
4rum.hklegend.net
hklegend.net
4rum.hklegend.net
hklegend.net
diendan.hklegend.net
diendan.hklegend.net
diendan.hklegend.net
4rum.hklegend.net
diendan.hklegend.net
diendan.hklegend.net
ww17.home.hklegend.net
britishindiaassociation.com
hklegend.net
4rum.hklegend.net
hklegend.net
4rum.hklegend.net
4rum.hklegend.net
hklegend.net
diendan.hklegend.net
creationsunifit.com
hklegend.net
hklegend.net
4rum.hklegend.net
Certificate
The complete raw certificate details for hklegend.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEnjCCA4agAwIBAgIQBZ+9OcrxIjaeJZh6jZXxpjANBgkqhkiG9w0BAQsFADBu MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg RFYgVExTIENBIC0gRzEwHhcNMjAwMjAxMDAwMDAwWhcNMjEwMjAxMTIwMDAwWjAX MRUwEwYDVQQDEwxoa2xlZ2VuZC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQC2+bPzF58Oq0NYUrcZuRNb7D3UcEbkcST76aGevffkxqSkb+WG7VSb Tz7+J6owkt/qWHfrjWMY4KW2ToLTugYFy8FBjK0PLvgyV/3kZIsa0+sNn//z62yO gAffAZLCM8u1BgNs3+4Zp14Z62MNW5Fc8gUJlNxFZ7jIZpDh3MMamtoU7YeEr9bK wYMV7Rk0URrcD2zPtqFhAeaaugMjnsqbW9rc2Noe/zcg8Uo3XXZzZiS+NVr8ZTQQ Dd16XuanxnGWF7difTkQ3ePVI4Fc1NTstRhRyichMsPZOKHSscPMYTsxaAWNXAvI gSs0OLuCeNe/vKzBe9XErqEgwITn+RFPAgMBAAGjggGNMIIBiTAfBgNVHSMEGDAW gBRVdE+yck/1YLpQ0dfmUVyaAYca1zAdBgNVHQ4EFgQUDDU3KsakOEzgtLwKl+TW 96SEJ60wJwYDVR0RBCAwHoIMaGtsZWdlbmQubmV0gg4qLmhrbGVnZW5kLm5ldDAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEwG A1UdIARFMEMwNwYJYIZIAYb9bAECMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3 LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIBMIGABggrBgEFBQcBAQR0MHIwJAYI KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+ aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVyeXdoZXJl RFZUTFNDQS1HMS5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEAG7bAtS0IBNa22kcIS7JB2aIii4rYBfevTjDwkSRj fvr7UEbX9d1zyN6YfXe7qmrOxqBex7oXDPj+YrPsy3UTRpR5VTuVBL7uEiJNmgKX Mm9Uy5iIhLxPwRmHOX0Ic7YuMv8ylIGnHzQN8x6cMSLaTD/ERn0ueiKp5cOy2Esb oxYCiVgE188vShpNLXSw/MGCDYL1RaBEr34AJUWD5P/FKtIUNXWHtV7F6mSEUAN6 kYY17eVGY8z6nbRJFBs5U4eELAOLj3DbgaDXFsO0pp8/x7tohmuh8Nf2PeLGDOlW VJhJchT2voXOrLmF5qgbNRV8ZnAY8oZ1LumeGLryWcSQqQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvmz8xefDqtDWFK3GbkT W+w91HBG5HEk++mhnr335MakpG/lhu1Um08+/ieqMJLf6lh3641jGOCltk6C07oG BcvBQYytDy74Mlf95GSLGtPrDZ//8+tsjoAH3wGSwjPLtQYDbN/uGadeGetjDVuR XPIFCZTcRWe4yGaQ4dzDGpraFO2HhK/WysGDFe0ZNFEa3A9sz7ahYQHmmroDI57K m1va3NjaHv83IPFKN112c2YkvjVa/GU0EA3del7mp8Zxlhe3Yn05EN3j1SOBXNTU 7LUYUconITLD2Tih0rHDzGE7MWgFjVwLyIErNDi7gnjXv7yswXvVxK6hIMCE5/kR TwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7475553133659455110651862226268713382 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-01 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hklegend.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23098504606874607435088484663827642887883985964782431936121576130999976857248695411475223163838058171944931146165634345544927146695813030323137511131398440364008450749703159032968854862210601607914357261211344591852835794030342766540493059844452776188675548756598415668164154764831781406917422778933700242086049714278896977396229704383887638657343507607948356253345583866895051515440284011893615923357865042733441474334128718087009267027455634038086643943459767654318116792464248732496908730035302149919412437926844940578101988149109290879143305839462703704869277807103823131166971066716511988957659968445719942598991 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55744fb2724ff560ba50d1d7e6515c9a01871ad7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0c35372ac6a4384ce0b4bc0a97e4d6f7a48427ad . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hklegend.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hklegend.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001bb6c0b52d0804d6b6da47084bb241d9a2228b8ad805f7af4e30f09124637efafb5046d7f5dd73c8de987d77bbaa6acec6a05ec7ba170cf8fe62b3eccb7513469479553b9504beee12224d9a0297326f54cb988884bc4fc11987397d0873b62e32ff329481a71f340df31e9c3122da4c3fc4467d2e7a22a9e5c3b2d84b1ba31602895804d7cf2f4a1a4d2d74b0fcc1820d82f545a044af7e00254583e4ffc52ad214357587b55ec5ea648450037a918635ede54663ccfa9db449141b395387842c038b8f70db81a0d716c3b4a69f3fc7bb68866ba1f0d7f63de2c60ce9565498497214f6be85ceacb985e6a81b35157c667018f286752ee99e18baf259c490a9