isotopes.gov
- Oak Ridge National Laboratory -
Issued by thawte SHA256 SSL CA
About this certificate
This digital certificate with serial number 42:e9:d4:75:0b:fd:c1:f6:67:2e:9b:31:af:e6:33:c8 was issued on by thawte, Inc..
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Oak Ridge National Laboratory
Organization:
Oak Ridge National Laboratory
State / Province:
Tennessee
Locality: Oak Ridge
Country: US
Locality: Oak Ridge
Country: US
thawte, Inc.
Organization:
thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 42:e9:d4:75:0b:fd:c1:f6:67:2e:9b:31:af:e6:33:c8Serial Number (int): 88943162034085160074618830468917113800
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 2b:9a:35:ae:01:18:38:30:e1:70:7a:05:e0:11:76:a3:ce:bd:90:14
Fingerprint (sha1): 4e:a8:f4:8a:44:f7:bd:94:81:67:8c:43:fd:ca:48:78:5a:41:66:00
Fingerprint (sha256): 32:b7:f3:e4:00:87:87:88:74:f5:d7:c0:39:03:a6:18:8d:48:40:4e:85:7b:a2:89:eb:26:88:6b:41:83:58:d5
Issuing Certificate URL: http://tg.symcb.com/tg.crt
Revocation information
OCSP Server: http://tg.symcd.comCRL Distribution Point: http://tg.symcb.com/tg.crl
Check the revocation status for certificate isotopes.gov
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for isotopes.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.isotopes.gov
isotope.gov
www.isotope.gov
isotopes.gov
isotope.gov
www.isotope.gov
isotopes.gov
Other certificates including the domain name isotopes.gov
(limited to 100 certificates)
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
isotopes.gov
isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
isodox.ornl.gov
isotopes.gov
www.isotopes.gov
isotopes.gov
isotopes.gov
isotopes.gov
www.isotopes.gov
isotopes.gov
isotopes.gov
www.isotopes.gov
isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
isotopes.gov
isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
isodox.ornl.gov
isotopes.gov
www.isotopes.gov
isotopes.gov
isotopes.gov
isotopes.gov
www.isotopes.gov
isotopes.gov
isotopes.gov
www.isotopes.gov
isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
www.isotopes.gov
Certificate
The complete raw certificate details for isotopes.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIQQunUdQv9wfZnLpsxr+YzyDANBgkqhkiG9w0BAQsFADBD MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQDExR0 aGF3dGUgU0hBMjU2IFNTTCBDQTAeFw0xNTAxMjgwMDAwMDBaFw0xODAxMjcyMzU5 NTlaMHQxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcM CU9hayBSaWRnZTEmMCQGA1UECgwdT2FrIFJpZGdlIE5hdGlvbmFsIExhYm9yYXRv cnkxFTATBgNVBAMMDGlzb3RvcGVzLmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMrKv0QkXJ4I0aDHOiGSvT8O28iOTREyt8ppoGyCC5Ob9JcREL3l 365ZD9nHGpo2y5wGyRP1aJHukMj7h9Gq9Zr/hX0shvXvnN71Qfx2HxBtKQFGMMCS t7VpdvVBRqr4D9VjofdQt6LCNuQIuTxSI4qtKXvQd9p5t0y+MT8pmmfaQcDrKvpO 0vfXbvj3wjnqSHDozfpIDJGgVtiAl5wBV5nIyz2BiP3cU8Y1UE/JTaGKAhbWqZjV RbzYi0P0rsOgpQCFnIloSd3HHJuYfZBV1lH6uZox7lauGWcjL0BRY9znflrfMVYY 1mVqflJi426HtyIOvKoLByoq3ok2PSGa7/UCAwEAAaOCAaIwggGeMEcGA1UdEQRA MD6CEHd3dy5pc290b3Blcy5nb3aCC2lzb3RvcGUuZ292gg93d3cuaXNvdG9wZS5n b3aCDGlzb3RvcGVzLmdvdjAJBgNVHRMEAjAAMHIGA1UdIARrMGkwZwYKYIZIAYb4 RQEHNjBZMCYGCCsGAQUFBwIBFhpodHRwczovL3d3dy50aGF3dGUuY29tL2NwczAv BggrBgEFBQcCAjAjDCFodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkw DgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFCuaNa4BGDgw4XB6BeARdqPOvZAU MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly90Zy5zeW1jYi5jb20vdGcuY3JsMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggrBgEFBQcBAQRLMEkwHwYI KwYBBQUHMAGGE2h0dHA6Ly90Zy5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6 Ly90Zy5zeW1jYi5jb20vdGcuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQCARxKz4e0x PQ3C6sYEZZ0jyphxlnpsY1hQCA53F2Q2rd4S8le7MLHhD7qRsKbW0C40KW2oeaWF Pp7XnVcAterkajq8BMrG9FBIw4ObwaV4uErCGHOtYM/hi7fclLLwBojg3dKtzISH YPFJkdst5j5HzYrIjjHTVidfWNEnGJuA2I7gHOFCLHAOoxwiHwCKAAMjmRzhwJIg PavIJPdsxQbJfoSHnKoBFiKmsYaZw4uWjBRvMfYoX68T8bHW9y89N5EKQo3CQVVN 97cA2shi762V/rVXoWiSrkNZR9nUCItXq2VCUBM0i9OUIAyG3ilNQG3cKgaz2C2W aYMRaqqmsICB -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysq/RCRcngjRoMc6IZK9 Pw7byI5NETK3ymmgbIILk5v0lxEQveXfrlkP2ccamjbLnAbJE/Voke6QyPuH0ar1 mv+FfSyG9e+c3vVB/HYfEG0pAUYwwJK3tWl29UFGqvgP1WOh91C3osI25Ai5PFIj iq0pe9B32nm3TL4xPymaZ9pBwOsq+k7S99du+PfCOepIcOjN+kgMkaBW2ICXnAFX mcjLPYGI/dxTxjVQT8lNoYoCFtapmNVFvNiLQ/Suw6ClAIWciWhJ3cccm5h9kFXW Ufq5mjHuVq4ZZyMvQFFj3Od+Wt8xVhjWZWp+UmLjboe3Ig68qgsHKireiTY9IZrv 9QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 88943162034085160074618830468917113800 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SHA256 SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Tennessee' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Oak Ridge' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Oak Ridge National Laboratory' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'isotopes.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25600115940923760492247755206714922943181530683179560674413726076263146111790273800776864510012904968782116420843500258027447391122971689526303313121907168288127946869702703323853894376506204929244676527981154502473497999532190524540418379249871961815826245128097643395559500308630683852248623065366551565097191136942557046457215684086199830452666068410068111405361192524271942505788642025715641790277264638291591353797985863403597576136749359722209987670055951882073520712746253161310027819332568728513705435011240517791868423006820692537219764383455722181221139932148023647121228639207145577939017250620826722168821 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.isotopes.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isotope.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.isotope.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isotopes.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2b9a35ae01183830e1707a05e01176a3cebd9014 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcb.com/tg.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tg.symcb.com/tg.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00804712b3e1ed313d0dc2eac604659d23ca9871967a6c635850080e77176436adde12f257bb30b1e10fba91b0a6d6d02e34296da879a5853e9ed79d5700b5eae46a3abc04cac6f45048c3839bc1a578b84ac21873ad60cfe18bb7dc94b2f00688e0ddd2adcc848760f14991db2de63e47cd8ac88e31d356275f58d127189b80d88ee01ce1422c700ea31c221f008a000323991ce1c092203dabc824f76cc506c97e84879caa011622a6b18699c38b968c146f31f6285faf13f1b1d6f72f3d37910a428dc241554df7b700dac862efad95feb557a16892ae435947d9d4088b57ab65425013348bd394200c86de294d406ddc2a06b3d82d966983116aaaa6b08081