my.kitin.at
Issued by SSL.com RSA SSL subCA
About this certificate
This digital certificate with serial number 36:be:17:58:c3:23:d1:e6:ee:59:3c:c0:7f:f4:0c:3b was issued on by SSL Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=my.kitin.at
SSL Corporation
Organization:
SSL Corporation
State / Province:
Texas
Locality: Houston
Country: US
Locality: Houston
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): 36:be:17:58:c3:23:d1:e6:ee:59:3c:c0:7f:f4:0c:3bSerial Number (int): 72765321703399140183277517159263374395
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 26:14:7e:e0:dc:d7:a6:f7:e2:d4:04:27:df:61:f1:c2:ec:e7:32:ca
Fingerprint (sha1): dd:57:09:00:9e:4d:f2:dd:85:c7:1f:af:17:ba:67:1f:6b:fa:22:18
Fingerprint (sha256): 4b:9e:68:6d:7f:9b:0c:91:b4:51:75:b6:91:1a:9f:57:30:c3:ef:ac:59:08:3e:a6:61:db:f5:5d:3b:e0:1a:da
Issuing Certificate URL: http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl
Check the revocation status for certificate my.kitin.at
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for my.kitin.at
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
my.kitin.at
www.my.kitin.at
www.my.kitin.at
Other certificates including the domain name kitin.at
(limited to 100 certificates)
Certificate
The complete raw certificate details for my.kitin.at in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFizCCA3OgAwIBAgIQNr4XWMMj0ebuWTzAf/QMOzANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg U1NMIHN1YkNBMB4XDTIzMTEyNzIyNTI0OVoXDTI0MTEyNzIyNTI0OVowFjEUMBIG A1UEAwwLbXkua2l0aW4uYXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDLA9Zq0mYVg0T4AoAXoz9/fP+/n2eeXs3G6urOqQfDuFKJRIqBoHRNsB2mNKsQ /1zFBnpEr75KM8p+pW6DdAO40ZcLbjVzFalpxfMACRRLxsAwAw8JjcHt6F24v4U0 BOYCrrR2ScmGpUFdR8pO3lfswHfUJc1i9JkhNo4idqWKMWnjk9eSesZSWK7lm962 vFkybHNCERmp7o0DDkk8vaN2xJAHnMnOn4YxC4kvZVsrJDtmYesjVm+REwMkrj9x Z2IKpywiRUyg9oeNFCj8kn4wmE2PCgaSpqU9RY0845QHZJ99VFcAHaQs8VzZe3V8 fPhe0O5sflvhir9zRYo+DHwTAgMBAAGjggGAMIIBfDAMBgNVHRMBAf8EAjAAMB8G A1UdIwQYMBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHIGCCsGAQUFBwEBBGYwZDBA BggrBgEFBQcwAoY0aHR0cDovL2NlcnQuc3NsLmNvbS9TU0xjb20tU3ViQ0EtU1NM LVJTQS00MDk2LVIxLmNlcjAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5j b20wJwYDVR0RBCAwHoILbXkua2l0aW4uYXSCD3d3dy5teS5raXRpbi5hdDAjBgNV HSAEHDAaMAgGBmeBDAECATAOBgwrBgEEAYKpMAEDAQEwHQYDVR0lBBYwFAYIKwYB BQUHAwIGCCsGAQUFBwMBMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmxzLnNz bC5jb20vU1NMY29tLVN1YkNBLVNTTC1SU0EtNDA5Ni1SMS5jcmwwDgYDVR0PAQH/ BAQDAgWgMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQBQ vlaCtpquKT3YdWdGCLhPXsuJTHveeDhi/FMQF9Km1YiQFkqPvk+oza+w+lxvMLFg ZoXepLldb2MY+yKurzUkh5UU9d7AGn2Md0Zn92Si+IulwoVjmdZRpjGK6ba0dLEQ BuQrWjnkXviUY259lgR52hFLwvmpYDpfXFVGqNstvBnaqIHYwY59fbXp2sr/zM8O MxCJIocsF8uqGaYwkZpKe+IWfeGnJ+cS0d/ChFEJcAzSEdJiBrcXBg3WooHX/FlH qrH+6hGU/s49GTztvWui17NiF/nDwRpns7kv/fkhBHOgoLWRKL0L4kRbT0h37wu6 mFhS1ozjyNlwsQa3LxPN1YtEtRJ1r9X/5DDo+J1xk/Q5EFxJDIBpU5TFtkR152Ux 0ltubLblW5roBfVQHOOClPyJ5Klt5fnCkjJ0JpMrSbmcRtmxT3TCIVQIYGcy/kOn 8SJomZYZr5swglS7GHGnVC8LbuEQnZb5Bdsi8S0QrmSiSCVdne+3bUo7E+xutmTU 6kq1K8GlgijXNq7uInpRgwd/rJ4aSCwhT0u40gDttsunlxINk8ahWHD2V/H2pdbi YtMYEdSv6eVAiYSRU+7BlmVB68cpFr63PSPvOwLQj3HeXINgLR70ZHgbyr5n79Le nFbmdnea/LuloGDL6zuQZRwdlL8Tc4WAtLW2sdcOHw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywPWatJmFYNE+AKAF6M/ f3z/v59nnl7NxurqzqkHw7hSiUSKgaB0TbAdpjSrEP9cxQZ6RK++SjPKfqVug3QD uNGXC241cxWpacXzAAkUS8bAMAMPCY3B7ehduL+FNATmAq60dknJhqVBXUfKTt5X 7MB31CXNYvSZITaOInalijFp45PXknrGUliu5ZvetrxZMmxzQhEZqe6NAw5JPL2j dsSQB5zJzp+GMQuJL2VbKyQ7ZmHrI1ZvkRMDJK4/cWdiCqcsIkVMoPaHjRQo/JJ+ MJhNjwoGkqalPUWNPOOUB2SffVRXAB2kLPFc2Xt1fHz4XtDubH5b4Yq/c0WKPgx8 EwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 72765321703399140183277517159263374395 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Houston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL.com RSA SSL subCA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-27 22:52:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-27 22:52:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'my.kitin.at' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25628268283160317033152000574554122292753067184908003991227818894706487822913804349509342971385317131992508460668133001038920429803642624538530888163421133991621572772982601827977031543021841430369485290621972790308546480548903432826822674088075307467852507693627629672715852245998029850114006643993508902411708067214902024704761408831993368350228119704596887384268025349832446231530226600006062159998673730160392818867372087897623900899881933762046596774856199722625900168768443807690100690442573138428316631697018597215956669382799915908068593258303242465654760892728674621249462702849733035134890245375640115903507 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26147ee0dcd7a6f7e2d40427df61f1c2ece732ca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.kitin.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.my.kitin.at' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0050be5682b69aae293dd875674608b84f5ecb894c7bde783862fc531017d2a6d58890164a8fbe4fa8cdafb0fa5c6f30b1606685dea4b95d6f6318fb22aeaf3524879514f5dec01a7d8c774667f764a2f88ba5c2856399d651a6318ae9b6b474b11006e42b5a39e45ef894636e7d960479da114bc2f9a9603a5f5c5546a8db2dbc19daa881d8c18e7d7db5e9dacaffcccf0e33108922872c17cbaa19a630919a4a7be2167de1a727e712d1dfc2845109700cd211d26206b717060dd6a281d7fc5947aab1feea1194fece3d193cedbd6ba2d7b36217f9c3c11a67b3b92ffdf9210473a0a0b59128bd0be2445b4f4877ef0bba985852d68ce3c8d970b106b72f13cdd58b44b51275afd5ffe430e8f89d7193f439105c490c80695394c5b64475e76531d25b6e6cb6e55b9ae805f5501ce38294fc89e4a96de5f9c292327426932b49b99c46d9b14f74c2215408606732fe43a7f12268999619af9b308254bb1871a7542f0b6ee1109d96f905db22f12d10ae64a248255d9defb76d4a3b13ec6eb664d4ea4ab52bc1a58228d736aeee227a5183077fac9e1a482c214f4bb8d200edb6cba797120d93c6a15870f657f1f6a5d6e262d31811d4afe9e54089849153eec1966541ebc72916beb73d23ef3b02d08f71de5c83602d1ef464781bcabe67efd2de9c56e676779afcbba5a060cbeb3b90651c1d94bf13738580b4b5b6b1d70e1f