piwik.grace-web.de
Issued by RapidSSL SHA256 CA - G4
About this certificate
This digital certificate with serial number 03:e9 was issued on by GeoTrust Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=piwik.grace-web.de,OU=GT41840553+OU=See www.rapidssl.com/resources/cps (c)15+OU=Domain Control Validated - RapidSSL(R)
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e9Serial Number (int): 1001
Serial Number lenght: 10 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: f3:b5:56:0c:c4:09:b0:b4:cf:1f:aa:f9:dd:23:56:f0:77:e8:a1:f9
Fingerprint (sha1): 87:e0:f0:53:d7:57:f7:1b:c3:88:96:11:b7:4f:62:47:1a:4e:10:33
Fingerprint (sha256): 48:1d:20:f8:58:dd:28:59:2c:ab:26:af:09:99:e1:e1:d1:d2:4b:92:e9:15:30:3c:11:35:cc:34:33:49:da:61
Issuing Certificate URL: http://gz.symcb.com/gz.crt
Revocation information
OCSP Server: http://gz.symcd.comCRL Distribution Point: http://gz.symcb.com/gz.crl
Check the revocation status for certificate piwik.grace-web.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for piwik.grace-web.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
piwik.grace-web.de
Other certificates including the domain name grace-web.de
(limited to 100 certificates)
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
crm.grace-web.de
wordpress.grace-web.de
server5.grace-web.de
wordpress.grace-web.de
wordpress.grace-web.de
crm.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
crm.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
crm.grace-web.de
crm.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
server5.grace-web.de
piwik.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
wordpress.grace-web.de
piwik.grace-web.de
crm.grace-web.de
crm.grace-web.de
wordpress.grace-web.de
server5.grace-web.de
wordpress.grace-web.de
wordpress.grace-web.de
crm.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
crm.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
crm.grace-web.de
crm.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
piwik.grace-web.de
server5.grace-web.de
piwik.grace-web.de
crm.grace-web.de
piwik.grace-web.de
crm.grace-web.de
wordpress.grace-web.de
Certificate
The complete raw certificate details for piwik.grace-web.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEpjCCA46gAwIBAgICA+kwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UEBhMCVVMx FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xIDAeBgNVBAMTF1JhcGlkU1NMIFNIQTI1 NiBDQSAtIEc0MB4XDTE1MDgwOTA5NTEyOFoXDTE4MDgxMDIxMDYyMVowgZYxEzAR BgNVBAsTCkdUNDE4NDA1NTMxMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29t L3Jlc291cmNlcy9jcHMgKGMpMTUxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZh bGlkYXRlZCAtIFJhcGlkU1NMKFIpMRswGQYDVQQDExJwaXdpay5ncmFjZS13ZWIu ZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXYDa17+lTmQobHrDg 1DSz5aEbGPrMBHBWA9s8n6tN9fHlAqKGuVsHPyoD66Q3rU0YzfavLrNaVwB9YkZ2 SvRshOadhf/pt8frw4GJ1k5g0rCnavT9HJ3TQsa8nW2iLYavq7muh3mdSJGTKIuy 3Kn3tzecQN5wI4MkXWeoK1flvo+zFENG62qjNBuB26ym+lgZpUr/PoS6RM9in66R FED0UmR9RfV6+/5r+L9f/vu8AfRu70WQ+8QzQ7QbV0EoALFRcOUg3GZ6xXztR4FM zqVy6sOzFIoCBlFhNdXlpzX/zyZFbPDMlcqkmL/JJhDBiiNAumF+xrOso4IMfuaD ANLpAgMBAAGjggFKMIIBRjAfBgNVHSMEGDAWgBTztVYMxAmwtM8fqvndI1bwd+ih +TBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nei5zeW1jZC5j b20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9nei5zeW1jYi5jb20vZ3ouY3J0MA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0R BBYwFIIScGl3aWsuZ3JhY2Utd2ViLmRlMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6 Ly9nei5zeW1jYi5jb20vZ3ouY3JsMAwGA1UdEwEB/wQCMAAwQQYDVR0gBDowODA2 BgZngQwBAgEwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29t L2xlZ2FsMA0GCSqGSIb3DQEBCwUAA4IBAQCMz0QcoiW9KA8zBzZsdrmYxRRgMdZ2 +hsos5cEUPx42FBl+1X7+MVvbV/DCKXjYpiMFwgGv+tMMZI/7WkTSaRi6T/r2Ipw 51yIXNXAlB0VXeNZPWQWoPHIYY/HSg8Az7xQeCK/PsD7iP3y4ThW8wnDtl5KghJw JXiR64MFgF7b9EQ2jexEDuOi3l44RiymearLiPTSf52XokzgKAnDhFkLUG8XIqE3 Cl2AXC9bXT6oUDWgphFZ8rCo/G/m0O0hiG3XvMhVdfbjPkDkCLblffgvO5Ms9FQ+ 5pO1nj/kIS9OPo0oVdtDKieWEPKa+dCyzaEfnkf+uUbt3EvWSD1V/iws -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12A2te/pU5kKGx6w4NQ0 s+WhGxj6zARwVgPbPJ+rTfXx5QKihrlbBz8qA+ukN61NGM32ry6zWlcAfWJGdkr0 bITmnYX/6bfH68OBidZOYNKwp2r0/Ryd00LGvJ1toi2Gr6u5rod5nUiRkyiLstyp 97c3nEDecCODJF1nqCtX5b6PsxRDRutqozQbgduspvpYGaVK/z6EukTPYp+ukRRA 9FJkfUX1evv+a/i/X/77vAH0bu9FkPvEM0O0G1dBKACxUXDlINxmesV87UeBTM6l curDsxSKAgZRYTXV5ac1/88mRWzwzJXKpJi/ySYQwYojQLphfsazrKOCDH7mgwDS 6QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1001 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-08-09 09:51:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-10 21:06:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GT41840553' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.rapidssl.com/resources/cps (c)15' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated - RapidSSL(R)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'piwik.grace-web.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27188680318188877868596409105559087804365937266546472181055425308869933837267630917322776882048722375877580994690140604443669105174326796194642217413044813159273303758242805414023826454057494108039082363191119201891618165836243318104166858906151001724367118750467195639064408696804735316177894072583790257845475567768111561339539787955308554892122468419053170100209589365789989846896954990594419812151779493951856183626079038614421070709970663675321910744471066893341761412423716069184519010086659257050909151522603008931885594837662437530189234027767393758734981385183114538884608946786839621571411825403279408419561 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f3b5560cc409b0b4cf1faaf9dd2356f077e8a1f9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'piwik.grace-web.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008ccf441ca225bd280f3307366c76b998c5146031d676fa1b28b3970450fc78d85065fb55fbf8c56f6d5fc308a5e362988c170806bfeb4c31923fed691349a462e93febd88a70e75c885cd5c0941d155de3593d6416a0f1c8618fc74a0f00cfbc507822bf3ec0fb88fdf2e13856f309c3b65e4a821270257891eb8305805edbf444368dec440ee3a2de5e38462ca679aacb88f4d27f9d97a24ce02809c384590b506f1722a1370a5d805c2f5b5d3ea85035a0a61159f2b0a8fc6fe6d0ed21886dd7bcc85575f6e33e40e408b6e57df82f3b932cf4543ee693b59e3fe4212f4e3e8d2855db432a279610f29af9d0b2cda11f9e47feb946eddc4bd6483d55fe2c2c