Issued by SSL.com Free SSL CA

About this certificate


This digital certificate with serial number 95:88:e4:33:42:83:d2:28:df:28:da:45:93:b5:9f:8f was issued on by SSL.com .

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: Certificate contains an internal server name in the common name '[]'
  • ERROR: Certificate subjectAltName '[tk.local]' contains an internal server name
  • ERROR: Certificate subjectAltName '[tkserver.tk.local]' contains an internal server name
  • ERROR: Certificate CN is not listed in subjectAltName

Organization unit: Domain Control Validated
Organization unit: Hosted by Secure Sockets Laboratories, LLC
Organization unit: PositiveSSL Multi-Domain

SSL.com

Organization: SSL.com

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 95:88:e4:33:42:83:d2:28:df:28:da:45:93:b5:9f:8f
Serial Number (int): 198765752195324494809975075720071061391
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 0b:9e:eb:b3:38:63:8b:a4:65:0b:16:b2:4d:43:1f:69:c1:61:bb:e9
AuthorityKeyId: 4e:59:66:bf:f3:25:08:01:b2:8a:c2:b1:33:e1:3e:01:51:7b:82:29

Fingerprint (sha1): 69:0c:c0:5a:0b:cb:16:40:5d:67:85:97:07:70:a7:e2:47:d1:87:10
Fingerprint (sha256): 0c:01:6e:bc:16:14:68:68:af:ec:bb:22:fd:e8:60:8c:b3:12:bd:3b:69:f4:a0:83:06:1e:40:c2:93:1b:2d:a7

Issuing Certificate URL: http://crt.ssl.com/SSLcomFreeSSLCA.crt

Revocation information

OCSP Server: http://ocsp.ssl.com
CRL Distribution Point: http://crl.ssl.com/SSLcomFreeSSLCA.crl

Check the revocation status for the current certificate on
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

mail.tktheaters.com
tk.local
tkserver.tk.local

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgIRAJWI5DNCg9Io3yjaRZO1n48wDQYJKoZIhvcNAQEFBQAw PTELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB1NTTC5jb20xHDAaBgNVBAMTE1NTTC5j b20gRnJlZSBTU0wgQ0EwHhcNMTMxMDI5MDAwMDAwWhcNMTQxMDI5MjM1OTU5WjB7 MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxMzAxBgNVBAsTKkhv c3RlZCBieSBTZWN1cmUgU29ja2V0cyBMYWJvcmF0b3JpZXMsIExMQzEhMB8GA1UE CxMYUG9zaXRpdmVTU0wgTXVsdGktRG9tYWluMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA8OvObTHZ1xl2aSRG+aYgR46cnJgmmTgw3Olo1wwxUrRmvfgI ypOOIGgKwzBP8jzsATKOymIRsetxLWzfCBvjd20Bn4b9ElP9DQUxbKEcZfmDrsaQ SxDIACIqs0pSBQcp3BnUVrYXRrxYguznZpbIgA3p9/1kx8OSF1vs6gQLl8xO6cCs FOnH+vMOpyQd1snjQj2k//wzrBjU1i7BTFtPIii6HDuxd/CHml7OBdTMrWpvyqYv 7IHn/5fVij5pYVkv8pNS9nhg6l/ibQlWovR58upQRv/8szdlqZoqmnakYXV6jmFt 9BpI7AxN4ZOuJcBFYsOjwGZNqlXHMhn6w8iTSwIDAQABo4IBuzCCAbcwHwYDVR0j BBgwFoAUTllmv/MlCAGyisKxM+E+AVF7gikwHQYDVR0OBBYEFAue67M4Y4ukZQsW sk1DH2nBYbvpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBdBgNVHSAEVjBUMEgGCisGAQQBgqkwAQEw OjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvc3Ns X3YxX2Nwcy5wZGYwCAYGZ4EMAQIBMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9j cmwuc3NsLmNvbS9TU0xjb21GcmVlU1NMQ0EuY3JsMGMGCCsGAQUFBwEBBFcwVTAy BggrBgEFBQcwAoYmaHR0cDovL2NydC5zc2wuY29tL1NTTGNvbUZyZWVTU0xDQS5j cnQwHwYIKwYBBQUHMAGGE2h0dHA6Ly9vY3NwLnNzbC5jb20wOwYDVR0RBDQwMoIT bWFpbC50a3RoZWF0ZXJzLmNvbYIIdGsubG9jYWyCEXRrc2VydmVyLnRrLmxvY2Fs MA0GCSqGSIb3DQEBBQUAA4IBAQBN4geP+dka2qotzjeHOS8iRh8FsZxB8JhQzygY Z6BUGcvhL7TFlEhny/LmVr0sw13Ch3VOhACgDF+fOJqkK2nPbLXCP2j4uE6RvW4+ Oa87p6jtYH3nWzqde7/KFAaWr84wUXlHcjIp0Vu4e9PVIYTwRB0YaxgfaDrHaHcz fSAyLa1xK2vZj45dGEA6jLmZ1xLvXpbb0ZrwnSPnY+mmoguRcu0/yKhJNm0Ei25H twMk79Ybln3wGO7MDu6gcoquKw1q9NFgc1E9lXHiDrwpR1ads9O9/qcRdWUTdPBu eTwQiU5RnZ8iQVxkGUOQGufO/Gi9XWeKxDyk36V3ONr7ifc8 -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OvObTHZ1xl2aSRG+aYg R46cnJgmmTgw3Olo1wwxUrRmvfgIypOOIGgKwzBP8jzsATKOymIRsetxLWzfCBvj d20Bn4b9ElP9DQUxbKEcZfmDrsaQSxDIACIqs0pSBQcp3BnUVrYXRrxYguznZpbI gA3p9/1kx8OSF1vs6gQLl8xO6cCsFOnH+vMOpyQd1snjQj2k//wzrBjU1i7BTFtP Iii6HDuxd/CHml7OBdTMrWpvyqYv7IHn/5fVij5pYVkv8pNS9nhg6l/ibQlWovR5 8upQRv/8szdlqZoqmnakYXV6jmFt9BpI7AxN4ZOuJcBFYsOjwGZNqlXHMhn6w8iT SwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 198765752195324494809975075720071061391 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SSL.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SSL.com Free SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-10-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-10-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by Secure Sockets Laboratories, LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PositiveSSL Multi-Domain' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30413473638684962830852947451745002593061534758454553593915259720572881282144721804241890466907906577272614799578024349617768206445216601713950207394413085661199782963001051791116295990544200771383498367006906950739594145167295362309430335954237555184377129335649875168359260395963784629335536203897742990752253318034951580437913379252747527526191025403547451079972034875025265017322524723563151733417920180633776023711403754953291151067128031805013869487718884254067985774252821497137729785334021914563228191497083125270400532566378372952577063755125706861721918068142987549213493027088650743594613076991605408830283 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4e5966bff3250801b28ac2b133e13e01517b8229 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0b9eebb338638ba4650b16b24d431f69c161bbe9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (86 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.ssl.com/repository/ssl_v1_cps.pdf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.ssl.com/SSLcomFreeSSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.ssl.com/SSLcomFreeSSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tktheaters.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tk.local' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tkserver.tk.local' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004de2078ff9d91adaaa2dce3787392f22461f05b19c41f09850cf281867a05419cbe12fb4c5944867cbf2e656bd2cc35dc287754e8400a00c5f9f389aa42b69cf6cb5c23f68f8b84e91bd6e3e39af3ba7a8ed607de75b3a9d7bbfca140696afce30517947723229d15bb87bd3d52184f0441d186b181f683ac76877337d20322dad712b6bd98f8e5d18403a8cb999d712ef5e96dbd19af09d23e763e9a6a20b9172ed3fc8a849366d048b6e47b70324efd61b967df018eecc0eeea0728aae2b0d6af4d16073513d9571e20ebc2947569db3d3bdfea71175651374f06e793c10894e519d9f22415c641943901ae7cefc68bd5d678ac43ca4dfa57738dafb89f73c