afos.gov.rw
Issued by RapidSSL TLS RSA CA G1
About this certificate
This digital certificate with serial number 08:bf:3b:cb:13:9a:84:37:04:b9:63:6a:11:a7:0f:7d was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=afos.gov.rw
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:bf:3b:cb:13:9a:84:37:04:b9:63:6a:11:a7:0f:7dSerial Number (int): 11626765417810099034608610258297753469
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: fd:54:2c:f0:ce:75:04:7c:99:98:df:31:b3:6b:02:2b:7f:5e:ee:3e
AuthorityKeyId: 0c:db:6c:82:49:0f:4a:67:0a:b8:14:ee:7a:c4:48:52:88:eb:56:38
Fingerprint (sha1): 2c:67:5c:10:b0:8a:42:7e:4a:47:88:18:8c:ec:77:06:be:64:12:c1
Fingerprint (sha256): 52:df:c5:e8:59:9d:e0:97:55:f4:b3:79:b0:9f:50:1e:0e:2e:be:23:fe:40:70:fd:e2:c6:f2:76:25:ab:97:81
Issuing Certificate URL: http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.rapidssl.comCRL Distribution Point: http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
Check the revocation status for certificate afos.gov.rw
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for afos.gov.rw
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
afos.gov.rw
www.afos.gov.rw
www.afos.gov.rw
Other certificates including the domain name afos.gov.rw
(limited to 100 certificates)
Certificate
The complete raw certificate details for afos.gov.rw in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJDCCBQygAwIBAgIQCL87yxOahDcEuWNqEacPfTANBgkqhkiG9w0BAQsFADBg MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZSYXBpZFNTTCBUTFMgUlNBIENBIEcx MB4XDTIzMDMyODAwMDAwMFoXDTI0MDMyNzIzNTk1OVowFjEUMBIGA1UEAxMLYWZv cy5nb3YucncwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrfwzZ9mkZ AHuhTGbc0EpB2ODdCgHIH3Wr0nfSOAkYQMyRJQNnk2Qh2R5KZ34Vgysn2mdRAnk8 LTnjn9ao4oTjMjyuQWE8miCMVXB9q8sfn1ZRufnnFEZOgSxMtY7rqiaAwdcEwPFh DopoHE+53cK2mAxUJXHcYYxI1/7sNxRMeRxvcU4yBopafW3AZZ/JWYsNqpI4kTME Rd+ljsArZq6C0wIlVOtgffjQecB41Xi31ZJQ7a5+QV7g07+HFYsBDX68JRP6X87w 6jFjJfyElTX7ifWbzzrsnKjuoP8hp7koGMGpiCUX6ucInValHxvjdqDjrQYsEfuZ HtAaOpz8NqWpAgMBAAGjggMiMIIDHjAfBgNVHSMEGDAWgBQM22yCSQ9KZwq4FO56 xEhSiOtWODAdBgNVHQ4EFgQU/VQs8M51BHyZmN8xs2sCK39e7j4wJwYDVR0RBCAw HoILYWZvcy5nb3YucneCD3d3dy5hZm9zLmdvdi5ydzAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD8GA1UdHwQ4MDYwNKAyoDCG Lmh0dHA6Ly9jZHAucmFwaWRzc2wuY29tL1JhcGlkU1NMVExTUlNBQ0FHMS5jcmww PgYDVR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5k aWdpY2VydC5jb20vQ1BTMHYGCCsGAQUFBwEBBGowaDAmBggrBgEFBQcwAYYaaHR0 cDovL3N0YXR1cy5yYXBpZHNzbC5jb20wPgYIKwYBBQUHMAKGMmh0dHA6Ly9jYWNl cnRzLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFRMU1JTQUNBRzEuY3J0MAkGA1UdEwQC MAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AO7N0GTV2xrOxVy3nbTNE6Iy h0Z8vOzew1FIWUZxH7WbAAABhyd/X9oAAAQDAEYwRAIgTmrKuA4YwAyeY0vekEnc rKmj+eP+M96nV/GHZwYpvc0CIFBr8zqQy2OBJOOiuXYISES4AFkZ4gdOzvfqhR4Z 66zAAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGHJ39gJgAA BAMARzBFAiB9PSlt3vrzap55RsDCGt6RPOp1sg5AIVcuiQnoD4+XxQIhAMloBi/G Ihi0IvCNe2LDb0TaP/8+grHP/5LV/C+guxL4AHcA2ra/az+1tiKfm8K7XGvocJFx bLtRhIU0vaQ9MEjX+6sAAAGHJ39f7gAABAMASDBGAiEAluOGb70lBaINCGYJgT22 M7aCGFXlHD+bq63Oy283DukCIQDa9sLSKiLvrNoIrNRiTq94wMP3c7v5IjJoHwxm fFo1CDANBgkqhkiG9w0BAQsFAAOCAQEAEVcPEmuiwpmbRfnH9rEjUGcxQIEQ7xLd xzkgoJcNv4QcaMZDXllhY0w5+kD/svvXmcy3dZurTDP2GpiNnMdmRYvOeZKBgZ8T tPXSa+4ipnWEV1coDZ5+TQZv+GFhs97HcdyzZmCJMqoImiNoJL2WvXKkYWKLNw1J MPBjPLTFR4Dg61mTw2utGJhwsTBaGhkLKCGRrACImU2ma6u6ase1KGr110PG6m+e I/h0ZyNMQ88INgOQbYYbPefoKbZj3EZRLGfGWXLL4bWcTopK4tkSQzh3lGgd/BNf JFrkBjHO906YN4966SYQvznsMzlNglJnRRKIZngjagPuD45UxoaONQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq38M2fZpGQB7oUxm3NBK Qdjg3QoByB91q9J30jgJGEDMkSUDZ5NkIdkeSmd+FYMrJ9pnUQJ5PC0545/WqOKE 4zI8rkFhPJogjFVwfavLH59WUbn55xRGToEsTLWO66omgMHXBMDxYQ6KaBxPud3C tpgMVCVx3GGMSNf+7DcUTHkcb3FOMgaKWn1twGWfyVmLDaqSOJEzBEXfpY7AK2au gtMCJVTrYH340HnAeNV4t9WSUO2ufkFe4NO/hxWLAQ1+vCUT+l/O8OoxYyX8hJU1 +4n1m8867Jyo7qD/Iae5KBjBqYglF+rnCJ1WpR8b43ag460GLBH7mR7QGjqc/Dal qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11626765417810099034608610258297753469 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'afos.gov.rw' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21649400938259302947286544192060469903851403135003605572542169260894678002803944293150351730738570297855281317654646142789019192098445045654500804423253016214212763239758162119588781083776736450826443697437290510885137955616590976477717244795837432548080070323594644821954834592666881880416300249800553370479514165327124346619820345695752867551039404363024056036329974478964476044875853210784434518112224622570684182104767600320224783353278957101052685018417554651233310227187847370088962678762104060572344652349884914635988792842579046249179485275786833121140655027358353320075053606953164693271320054864287492384169 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cdb6c82490f4a670ab814ee7ac4485288eb5638 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fd542cf0ce75047c9998df31b36b022b7f5eee3e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'afos.gov.rw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.afos.gov.rw' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.rapidssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000187277f5fda000004030046304402204e6acab80e18c00c9e634bde9049dcaca9a3f9e3fe33dea757f187670629bdcd0220506bf33a90cb638124e3a2b976084844b8005919e2074ecef7ea851e19ebacc000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000187277f6026000004030047304502207d3d296ddefaf36a9e7946c0c21ade913cea75b20e4021572e8909e80f8f97c5022100c968062fc62218b422f08d7b62c36f44da3fff3e82b1cfff92d5fc2fa0bb12f8007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab00000187277f5fee000004030048304602210096e3866fbd2505a20d086609813db633b6821855e51c3f9babadcecb6f370ee9022100daf6c2d22a22efacda08acd4624eaf78c0c3f773bbf92232681f0c667c5a3508 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011570f126ba2c2999b45f9c7f6b123506731408110ef12ddc73920a0970dbf841c68c6435e5961634c39fa40ffb2fbd799ccb7759bab4c33f61a988d9cc766458bce799281819f13b4f5d26bee22a675845757280d9e7e4d066ff86161b3dec771dcb366608932aa089a236824bd96bd72a461628b370d4930f0633cb4c54780e0eb5993c36bad189870b1305a1a190b282191ac0088994da66babba6ac7b5286af5d743c6ea6f9e23f87467234c43cf083603906d861b3de7e829b663dc46512c67c65972cbe1b59c4e8a4ae2d91243387794681dfc135f245ae40631cef74e98378f7ae92610bf39ec33394d8252674512886678236a03ee0f8e54c6868e35