www.praktijksmink.nl
Issued by Trust Provider B.V. DV SSL CA - G2
About this certificate
This digital certificate with serial number 24:04:c4:c2:20:3b:25:06:b8:ce:f8:eb:67:b6:68:97 was issued on by Trust Provider B.V..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.praktijksmink.nl
Trust Provider B.V.
Organization:
Trust Provider B.V.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 24:04:c4:c2:20:3b:25:06:b8:ce:f8:eb:67:b6:68:97Serial Number (int): 47876967768211976018933253741940730007
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d8:da:ef:d8:e0:ac:71:71:02:de:e6:62:fa:cf:fc:40:3b:fb:a0:52
Fingerprint (sha1): ed:fc:1d:60:9a:dc:25:56:76:ed:fc:c6:d1:09:78:7f:96:8f:44:72
Fingerprint (sha256): 43:f5:cd:0b:d2:69:d7:16:eb:11:72:1d:a8:58:2a:a1:7b:f9:02:42:72:e1:64:74:1c:a3:20:16:14:a4:08:e9
Issuing Certificate URL: http://trustprovider-aia.digitalcertvalidation.com/trustproviderg2.crt
Revocation information
OCSP Server: http://trustprovider-ocsp.digitalcertvalidation.comCRL Distribution Point: http://trustprovider-crl.digitalcertvalidation.com/trustproviderg2.crl
Check the revocation status for certificate www.praktijksmink.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.praktijksmink.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.praktijksmink.nl
praktijksmink.nl
praktijksmink.nl
Other certificates including the domain name praktijksmink.nl
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.praktijksmink.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXTCCBUWgAwIBAgIQJATEwiA7JQa4zvjrZ7ZolzANBgkqhkiG9w0BAQsFADB3 MQswCQYDVQQGEwJOTDEcMBoGA1UEChMTVHJ1c3QgUHJvdmlkZXIgQi5WLjEdMBsG A1UECxMURG9tYWluIFZhbGlkYXRlZCBTU0wxKzApBgNVBAMTIlRydXN0IFByb3Zp ZGVyIEIuVi4gRFYgU1NMIENBIC0gRzIwHhcNMTYwODI0MDAwMDAwWhcNMTcxMDIz MjM1OTU5WjAfMR0wGwYDVQQDDBR3d3cucHJha3RpamtzbWluay5ubDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMK70xAFVhXZUK+s77rOvFmRQbLP3X6q Ww0TJZuV8BFFAHe5ct+Ydwpwo3fQ1hIBjJ5t1n+wgoN+ZI9cxM0fGHO/7VF0qTbL bY0+877dbyVpdxBFyi7EDRdWUutiN79HTYNy8smMsZ9rYXZONQBigFibjk61jLvc TAKz0decszpPvBBEmdBUn1CYYbnZtVdb/ElMxava2cscy8pqf4pRCtOH0b0EUP1n ONgQjE/ieRVdLCEoqB5FXvLo/zspWnBEX5DydZPszxhQVg9/iP2eU3WM4ptlhbmb omvbY9X6smfJvqqnAjRFLWnKEM/JY8ofZ0z1F/+d9Wd7uY00i6H32DkCAwEAAaOC AzswggM3MDEGA1UdEQQqMCiCFHd3dy5wcmFrdGlqa3NtaW5rLm5sghBwcmFrdGlq a3NtaW5rLm5sMAkGA1UdEwQCMAAwVwYDVR0fBFAwTjBMoEqgSIZGaHR0cDovL3Ry dXN0cHJvdmlkZXItY3JsLmRpZ2l0YWxjZXJ0dmFsaWRhdGlvbi5jb20vdHJ1c3Rw cm92aWRlcmcyLmNybDCBnQYDVR0gBIGVMIGSMIGPBgZngQwBAgEwgYQwPwYIKwYB BQUHAgEWM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3Np dG9yeS9sZWdhbDBBBggrBgEFBQcCAjA1DDNodHRwczovL3d3dy5nZW90cnVzdC5j b20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwHwYDVR0jBBgwFoAU2Nrv2OCs cXEC3uZi+s/8QDv7oFIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjCBpQYIKwYBBQUHAQEEgZgwgZUwPwYIKwYBBQUHMAGGM2h0 dHA6Ly90cnVzdHByb3ZpZGVyLW9jc3AuZGlnaXRhbGNlcnR2YWxpZGF0aW9uLmNv bTBSBggrBgEFBQcwAoZGaHR0cDovL3RydXN0cHJvdmlkZXItYWlhLmRpZ2l0YWxj ZXJ0dmFsaWRhdGlvbi5jb20vdHJ1c3Rwcm92aWRlcmcyLmNydDCCAQQGCisGAQQB 1nkCBAIEgfUEgfIA8AB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7M AAABVrxdABIAAAQDAEcwRQIgTNBixX6rdu94e5dZhxKqttD9kYW7s7KECCZkQUGy hm4CIQDc+0Tgo0vcPKJiQOI2q8SvDQ8mPozgz76cFqnhAY8V8QB2AKS5CZC0GFgU h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABVrxdAQgAAAQDAEcwRQIgRx29GmQn 0yB3NOcJKn3bTTHClqhdA6PKswL+ZI30lNgCIQCOlQM6Y4xgIYak/BAy5xMYGk54 7+QAovm+656yEzEAHzANBgkqhkiG9w0BAQsFAAOCAQEABCeZzJ4snAQmtgz3ok4X Xbs8GE9f5xtZNsArlFGMjGBi5gJM6Ey4TXPeA11oKcgJK0uNXS88tKIyAchM0YDz GbML7yrivT2ZEHJK+4hD0Bj9Rjq/treqq+VuYkeiVBTwCpm9+TJveU6KzzB+k6H3 b+75WogN/BT5/IOyDCtVDtomeoUbPZ29N1I4al4cF6LBvnOKSBGKN/I4SbvHIZYw JjKDrBc4zx5b+QhZ11LLk74WOMQeqKdniYYH1pRSKZyE+2vHkZY4UsY4+2ZWUDHp YXUQLsJjjGEr7of2Jz/qZkjpEZOKfeJ4I2aTXCaFZ8NHYGskXg6FXEFOubFXhPu4 iA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrvTEAVWFdlQr6zvus68 WZFBss/dfqpbDRMlm5XwEUUAd7ly35h3CnCjd9DWEgGMnm3Wf7CCg35kj1zEzR8Y c7/tUXSpNsttjT7zvt1vJWl3EEXKLsQNF1ZS62I3v0dNg3LyyYyxn2thdk41AGKA WJuOTrWMu9xMArPR15yzOk+8EESZ0FSfUJhhudm1V1v8SUzFq9rZyxzLymp/ilEK 04fRvQRQ/Wc42BCMT+J5FV0sISioHkVe8uj/OylacERfkPJ1k+zPGFBWD3+I/Z5T dYzim2WFuZuia9tj1fqyZ8m+qqcCNEUtacoQz8ljyh9nTPUX/531Z3u5jTSLoffY OQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 47876967768211976018933253741940730007 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trust Provider B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trust Provider B.V. DV SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.praktijksmink.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24582850858206876856978133886916027400337478764435669654062273303557007328071541481451590811687599491933732649417525169571367640560353356370115935797807627097148578169584331690326716708685345044576195137664621231662948751697850589277157902431377844774277608981388947000648184109051753265991714707162398617535007810671210961125172578245898373936159577299727773725765284903155823414013005375902549944518720868322478875637616440053178511808435688556507540476482653609853530679909315776743393547912026143378685610955183157474906883452805873855068843445470651996432609512139339787196322149356577252075441055131933932509241 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.praktijksmink.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'praktijksmink.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://trustprovider-crl.digitalcertvalidation.com/trustproviderg2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d8daefd8e0ac717102dee662facffc403bfba052 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://trustprovider-ocsp.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://trustprovider-aia.digitalcertvalidation.com/trustproviderg2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000156bc5d0012000004030047304502204cd062c57eab76ef787b97598712aab6d0fd9185bbb3b2840826644141b2866e022100dcfb44e0a34bdc3ca26240e236abc4af0d0f263e8ce0cfbe9c16a9e1018f15f1007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000156bc5d010800000403004730450220471dbd1a6427d3207734e7092a7ddb4d31c296a85d03a3cab302fe648df494d80221008e95033a638c602186a4fc1032e713181a4e78efe400a2f9beeb9eb21331001f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00042799cc9e2c9c0426b60cf7a24e175dbb3c184f5fe71b5936c02b94518c8c6062e6024ce84cb84d73de035d6829c8092b4b8d5d2f3cb4a23201c84cd180f319b30bef2ae2bd3d9910724afb8843d018fd463abfb6b7aaabe56e6247a25414f00a99bdf9326f794e8acf307e93a1f76feef95a880dfc14f9fc83b20c2b550eda267a851b3d9dbd3752386a5e1c17a2c1be738a48118a37f23849bbc7219630263283ac1738cf1e5bf90859d752cb93be1638c41ea8a767898607d69452299c84fb6bc791963852c638fb66565031e96175102ec2638c612bee87f6273fea6648e911938a7de2782366935c268567c347606b245e0e855c414eb9b15784fbb888