ssl2698.cloudflare.com

Issued by GlobalSign Organization Validation CA - G2

About this certificate


This digital certificate with serial number 11:21:02:98:e8:77:c5:d9:8a:06:b3:8f:db:b2:4d:b5:bd:a4 was issued on by GlobalSign nv-sa .

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

CloudFlare, Inc.

Organization: CloudFlare, Inc.
State / Province: CA
Locality: San Francisco
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
State / Province: CA
Locality: San Francisco
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 11:21:02:98:e8:77:c5:d9:8a:06:b3:8f:db:b2:4d:b5:bd:a4
Serial Number (int): 1492141631348437640334475847622596540874148
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: ad:cc:32:4b:87:79:4f:ed:ab:31:7f:d6:28:20:90:2c:e7:90:1f:76
AuthorityKeyId: 5d:46:b2:8d:c4:4b:74:1c:bb:ed:f5:73:b6:3a:b7:38:8f:75:9e:7e

Fingerprint (sha1): 8d:77:6f:bf:4f:50:27:d3:aa:bf:27:60:64:cc:90:02:36:b3:20:25
Fingerprint (sha256): c7:73:76:d1:f3:db:a4:c3:0c:de:6b:86:e6:f6:92:92:40:48:19:02:f1:cc:98:0c:58:3e:51:f9:e5:31:00:35

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalg2.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalg2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalg2.crl

Check the revocation status for the current certificate on ssl2698.cloudflare.com
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

ssl2698.cloudflare.com
kyani.net
*.kyani.net

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISESECmOh3xdmKBrOP27JNtb2kMA0GCSqGSIb3DQEBBQUA MF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTMwMQYD VQQDEypHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gRzIw HhcNMTMwNTE4MTMyNTIyWhcNMTcxMTE1MTMzNjQ4WjBuMQswCQYDVQQGEwJVUzEL MAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEENs b3VkRmxhcmUsIEluYy4xHzAdBgNVBAMTFnNzbDI2OTguY2xvdWRmbGFyZS5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Z+NyvXzdMx67krlgV1Bp mbHj7B74Wmv4gSlWnTUYig2iKiQAtURChbNtl0YRKRGWwWdWL17h5Z4u7yqbMFzX i5vLYuAwwHQ+5Y4KxzbAAND6uEQZdgj2OqmS5/xxFzHjwEePTisnlTaxvXtEMUWq e2pm1n2Chjb04gkbqWp7uWBXQaRlg8UVbkSG/fw84lRJif1ync+5TWXaGKSfAjMs MrbADQ6XX3tHuVZJ9Zh6SpOfvSR854Iiq5dbPyFo5KOe9ZqiD5X8L5KPsipYzCO5 63IfmdGon+JLGljSA6MMULb1FAmEgX7GYdhKaSTWxPDvD5ciJaPfIVlV3jZE6pmP AgMBAAGjggHkMIIB4DAOBgNVHQ8BAf8EBAMCBaAwSQYDVR0gBEIwQDA+BgZngQwB AgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVw b3NpdG9yeS8wOQYDVR0RBDIwMIIWc3NsMjY5OC5jbG91ZGZsYXJlLmNvbYIJa3lh bmkubmV0ggsqLmt5YW5pLm5ldDAJBgNVHRMEAjAAMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3JsLmdsb2Jh bHNpZ24uY29tL2dzL2dzb3JnYW5pemF0aW9udmFsZzIuY3JsMIGWBggrBgEFBQcB AQSBiTCBhjBHBggrBgEFBQcwAoY7aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNv bS9jYWNlcnQvZ3Nvcmdhbml6YXRpb252YWxnMi5jcnQwOwYIKwYBBQUHMAGGL2h0 dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc29yZ2FuaXphdGlvbnZhbGcyMB0G A1UdDgQWBBStzDJLh3lP7asxf9YoIJAs55AfdjAfBgNVHSMEGDAWgBRdRrKNxEt0 HLvt9XO2Orc4j3WefjANBgkqhkiG9w0BAQUFAAOCAQEAb4o2LTs3GfnqEgIFw7aa 5c5/4idF3thG2iCBHrxSLMCWDtvfSqSQeEW837u/v8RMW/6Nm8YjMsL7L/m8YJbb AEkJGNUvtjeMjQYUcn+P8NTxZVlPIm+CFTomBNbmx/PU2bvLzorDjsdmuINORDxn OpOjMB5a1IXkfc43a6gYZMF9hX1vUgIesD2IYJFOx0Ayc8Y5kIXrD8TbuYofoeeV 15mJPGM/j7aAihwIP6sdzpbd9E1ECnZ0YcxJ6tfpBmwEL5TCdym+X4c/COQCoST+ KNHXNwp3fQMPTklf7V+84DyZpFdcV8ZV67DW+boxbZFX2qLmFq6uYLAFctkFIgoH 6w== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmfjcr183TMeu5K5YFdQ aZmx4+we+Fpr+IEpVp01GIoNoiokALVEQoWzbZdGESkRlsFnVi9e4eWeLu8qmzBc 14uby2LgMMB0PuWOCsc2wADQ+rhEGXYI9jqpkuf8cRcx48BHj04rJ5U2sb17RDFF qntqZtZ9goY29OIJG6lqe7lgV0GkZYPFFW5Ehv38POJUSYn9cp3PuU1l2hiknwIz LDK2wA0Ol197R7lWSfWYekqTn70kfOeCIquXWz8haOSjnvWaog+V/C+Sj7IqWMwj uetyH5nRqJ/iSxpY0gOjDFC29RQJhIF+xmHYSmkk1sTw7w+XIiWj3yFZVd42ROqZ jwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1492141631348437640334475847622596540874148 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-05-18 13:25:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-15 13:36:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CloudFlare, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ssl2698.cloudflare.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24036507257227088672679014234022979371474280286199988651860136932148458915632817269233718794559838069285691046828379195761209128336490739094128276511332337369387211680085096554188915242592272940288305581586195673096970943582845943877809550149514294759440867704728165455235861750611544207540942684320487120306272125673223393550625089516041895713632393925929381598435871927292986672083089647120360352731983556402815737448334672741768075256510365324437398130456582154830336699963006817814324125082132205007387854631640619816063609401169607550182200677636713804930871816434289345246814667486714952084498698071807737108879 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl2698.cloudflare.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kyani.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kyani.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalg2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (137 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalg2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalg2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) adcc324b87794fedab317fd62820902ce7901f76 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5d46b28dc44b741cbbedf573b63ab7388f759e7e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006f8a362d3b3719f9ea120205c3b69ae5ce7fe22745ded846da20811ebc522cc0960edbdf4aa4907845bcdfbbbfbfc44c5bfe8d9bc62332c2fb2ff9bc6096db00490918d52fb6378c8d0614727f8ff0d4f165594f226f82153a2604d6e6c7f3d4d9bbcbce8ac38ec766b8834e443c673a93a3301e5ad485e47dce376ba81864c17d857d6f52021eb03d8860914ec7403273c6399085eb0fc4dbb98a1fa1e795d799893c633f8fb6808a1c083fab1dce96ddf44d440a767461cc49ead7e9066c042f94c27729be5f873f08e402a124fe28d1d7370a777d030f4e495fed5fbce03c99a4575c57c655ebb0d6f9ba316d9157daa2e616aeae60b00572d905220a07eb