www.off-the-rail.com

Issued by Starfield Secure Certification Authority

About this certificate


This digital certificate with serial number 04:2f:d7:5f:c2:ac:65 was issued on by Starfield Technologies, Inc. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set
  • ERROR: countryName is required if organizationName is set

www.off-the-rail.com

Organization: www.off-the-rail.com
Organization unit: Domain Control Validated

Starfield Technologies, Inc.

Company registration number: 10688435
Organization: Starfield Technologies, Inc.
Organization unit: http://certificates.starfieldtech.com/repository

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 04:2f:d7:5f:c2:ac:65
Serial Number (int): 1178501977910373
Serial Number lenght: 51 bits, 7 octets

SubjectKeyId: f5:18:f5:1b:8e:5b:85:40:9b:cb:bd:58:da:4d:9d:fb:1d:d0:81:52
AuthorityKeyId: 49:4b:52:27:d1:1b:bc:f2:a1:21:6a:62:7b:51:42:7a:8a:d7:d5:56

Fingerprint (sha1): 13:cd:b6:fc:bb:90:b7:4f:c5:7f:f5:8b:f6:f9:8e:c1:4a:f3:18:e8
Fingerprint (sha256): f8:ee:55:e1:be:69:e8:a1:c0:8c:5f:b2:e4:6b:5b:52:bf:d3:07:cb:dc:b8:0e:6b:4b:f7:33:be:8a:a6:91:d5

Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sf_intermediate.crt

Revocation information

OCSP Server: http://ocsp.starfieldtech.com/
CRL Distribution Point: http://crl.starfieldtech.com/sfs1-24.crl

Check the revocation status for the current certificate on www.off-the-rail.com
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.off-the-rail.com
off-the-rail.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIHBC/XX8KsZTANBgkqhkiG9w0BAQUFADCB3DELMAkGA1UE BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAj BgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOTA3BgNVBAsTMGh0 dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeTEx MC8GA1UEAxMoU3RhcmZpZWxkIFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 eTERMA8GA1UEBRMIMTA2ODg0MzUwHhcNMTIxMjExMTA0OTMyWhcNMTMwNjI5MTIz MzU5WjBhMR0wGwYDVQQKExR3d3cub2ZmLXRoZS1yYWlsLmNvbTEhMB8GA1UECxMY RG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMR0wGwYDVQQDExR3d3cub2ZmLXRoZS1y YWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbWbSx+vwZX PNk5LSyw/He88qsDynajAzSX8SE1cnp8ct8OzgrZrnUReuguKviZoEH+jMiNWhFb 8DVECc9fYW00d+oBENn7fuMkwjKg/BHeWNRxlvEZSuLKfzAfMSoJ/XBY7FcJsVZ7 4mUleuw52TAWJGKts0hJDMXG/ynPAcpR6XKH0vdmGsNyOwvJm+jtUGXS7CsIJU4b G4XZVbFIhIZyHorGeUHhZatHvcgZtL8XiV6pFEJ26ff0EF12IDePekdjed96IeQr A44oh3wY4cjmJp9QqCnfB/xSawFc1b0bzJV7Jf4wJ3dtnnWTSj7jSFAA9lKwCkiP RGb6XxyW6+8CAwEAAaOCAd0wggHZMA8GA1UdEwEB/wQFMAMBAQAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA5BgNVHR8EMjAw MC6gLKAqhihodHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3NmczEtMjQuY3Js MFkGA1UdIARSMFAwTgYLYIZIAYb9bgEHFwEwPzA9BggrBgEFBQcCARYxaHR0cDov L2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5LzCBjQYI KwYBBQUHAQEEgYAwfjAqBggrBgEFBQcwAYYeaHR0cDovL29jc3Auc3RhcmZpZWxk dGVjaC5jb20vMFAGCCsGAQUFBzAChkRodHRwOi8vY2VydGlmaWNhdGVzLnN0YXJm aWVsZHRlY2guY29tL3JlcG9zaXRvcnkvc2ZfaW50ZXJtZWRpYXRlLmNydDAfBgNV HSMEGDAWgBRJS1In0Ru88qEhamJ7UUJ6itfVVjAxBgNVHREEKjAoghR3d3cub2Zm LXRoZS1yYWlsLmNvbYIQb2ZmLXRoZS1yYWlsLmNvbTAdBgNVHQ4EFgQU9Rj1G45b hUCby71Y2k2d+x3QgVIwDQYJKoZIhvcNAQEFBQADggEBADmitNIe6T68Vlm8ksJv qckeq3s5E+ndOeWTDAMp1WFbE7L9qImswmL8q8212voFfCSrsGlkQ3IJW9a7c81v ip6XHR1m3k3fn/TkMlmxvPAn3bg9MvTahC7c9nIgeiHGmx87FAXqk9hRFJ6TFYT8 fBQbNyhx2s5MaLnGm1I8GXlVBuP4LAJdacDyOZiT3KGmrLKtScg1AiPsOPw8kn/N gUsoxdwFg5dxonf/1FUYC0wl4glxYB93c83SHd4xuXoIw1ROZm99E8n070gyJrRB Mx0EJ0pyErcVyLZXJEkpjRC2qupCttZDhuCAgBzqYrAXIfRNe5SqAVXprk3Tx8Wa 33E= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tZtLH6/Blc82TktLLD8 d7zyqwPKdqMDNJfxITVyenxy3w7OCtmudRF66C4q+JmgQf6MyI1aEVvwNUQJz19h bTR36gEQ2ft+4yTCMqD8Ed5Y1HGW8RlK4sp/MB8xKgn9cFjsVwmxVnviZSV67DnZ MBYkYq2zSEkMxcb/Kc8BylHpcofS92Yaw3I7C8mb6O1QZdLsKwglThsbhdlVsUiE hnIeisZ5QeFlq0e9yBm0vxeJXqkUQnbp9/QQXXYgN496R2N533oh5CsDjiiHfBjh yOYmn1CoKd8H/FJrAVzVvRvMlXsl/jAnd22edZNKPuNIUAD2UrAKSI9EZvpfHJbr 7wIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1178501977910373 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certificates.starfieldtech.com/repository' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '10688435' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-12-11 10:49:32 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-06-29 12:33:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.off-the-rail.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.off-the-rail.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27120734891152294811072149100360068495500828101761231988992600505137512929066331887020668909195767569947379186730280224622126657414212487865808004141253318398641578834550134208355409906670010004066997441892635479411831604546263627502126512994038459951884865219616456755304161378520438926977315628675859335014680711761171935519966729616165458243105848320918884614669077011547421216288286598406366655291907695436223974136928579810640306775783045064380605999878190807405898349826224580234802699856334041982331845879963114204538687349847095352635391304629467679804865573266954688029515288010715849876053879393601453485039 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (5 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN false . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfs1-24.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (128 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sf_intermediate.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 494b5227d11bbcf2a1216a627b51427a8ad7d556 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.off-the-rail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'off-the-rail.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f518f51b8e5b85409bcbbd58da4d9dfb1dd08152 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0039a2b4d21ee93ebc5659bc92c26fa9c91eab7b3913e9dd39e5930c0329d5615b13b2fda889acc262fcabcdb5dafa057c24abb069644372095bd6bb73cd6f8a9e971d1d66de4ddf9ff4e43259b1bcf027ddb83d32f4da842edcf672207a21c69b1f3b1405ea93d851149e931584fc7c141b372871dace4c68b9c69b523c19795506e3f82c025d69c0f2399893dca1a6acb2ad49c8350223ec38fc3c927fcd814b28c5dc05839771a277ffd455180b4c25e20971601f7773cdd21dde31b97a08c3544e666f7d13c9f4ef483226b441331d04274a7212b715c8b6572449298d10b6aaea42b6d64386e080801cea62b01721f44d7b94aa0155e9ae4dd3c7c59adf71