www.px.nsls.bnl.gov

Issued by GlobalSign Organization Validation CA - G2

About this certificate


This digital certificate with serial number 11:21:b0:94:16:19:54:2c:25:e2:a3:11:93:48:0a:52:9f:61 was issued on by GlobalSign nv-sa .

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Brookhaven National Laboratory

Organization: Brookhaven National Laboratory
State / Province: New York
Locality: Upton
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
State / Province: New York
Locality: Upton
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 11:21:b0:94:16:19:54:2c:25:e2:a3:11:93:48:0a:52:9f:61
Serial Number (int): 1492372891983728136090680434302180006207329
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: 69:72:74:d8:e2:d3:70:b4:c3:0e:4c:5f:80:8e:61:bf:09:d0:74:b4
AuthorityKeyId: 5d:46:b2:8d:c4:4b:74:1c:bb:ed:f5:73:b6:3a:b7:38:8f:75:9e:7e

Fingerprint (sha1): af:33:ef:71:82:77:ca:f1:36:2f:07:45:d2:d0:a0:30:85:82:3f:bb
Fingerprint (sha256): 51:03:e4:22:8f:87:22:94:98:db:ce:f2:c8:97:3a:57:bc:ea:55:ec:e7:95:cc:63:b4:dd:99:b1:0c:59:66:22

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalg2.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalg2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalg2.crl

Check the revocation status for the current certificate on www.px.nsls.bnl.gov
6
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.px.nsls.bnl.gov
www.cssb.bnl.gov
cssb.bnl.gov
www.abbix.nsls2.bnl.gov
abbix.nsls2.bnl.gov
px.nsls.bnl.gov

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgISESGwlBYZVCwl4qMRk0gKUp9hMA0GCSqGSIb3DQEBBQUA MF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTMwMQYD VQQDEypHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gRzIw HhcNMTMwNjE0MTQxMDAzWhcNMTQwNzE5MTUzMzQxWjB3MQswCQYDVQQGEwJVUzER MA8GA1UECBMITmV3IFlvcmsxDjAMBgNVBAcTBVVwdG9uMScwJQYDVQQKEx5Ccm9v a2hhdmVuIE5hdGlvbmFsIExhYm9yYXRvcnkxHDAaBgNVBAMME3d3dy5weC5uc2xz LmJubC5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnQj8Sj9uo QfUU1WMUR0weSrdSj/4wYJ63sigvbrebUi/16QjYxAT6YT+Xas8HnYlFDfpVV4Vj aN9qhCsmBFObORBnqSZ3Z82rV58hQCtlS47F835QqrKT88RpuX9QSgzfBi+/YuNF YYDixFE7zl6tKwaiZoOuWG68SR1ZIklQMSSHDr3mc5uRFaUkVenbjXGqrHnaNUHh fzx7ek3xuwJdJtoh7Z2HC73MGiyiVOVvriI5jUt/ltG2y61mnRyCWi8drEUHe7hC 1AFSNur3iX2u7NlVMSIyLGloUld1baE7IK6eDYAt9376K3xCOrnC+zjLMOpei4bP KZqzrzUfEr/pAgMBAAGjggIoMIICJDAOBgNVHQ8BAf8EBAMCBaAwSQYDVR0gBEIw QDA+BgZngQwBAgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln bi5jb20vcmVwb3NpdG9yeS8wfQYDVR0RBHYwdIITd3d3LnB4Lm5zbHMuYm5sLmdv doIQd3d3LmNzc2IuYm5sLmdvdoIMY3NzYi5ibmwuZ292ghd3d3cuYWJiaXgubnNs czIuYm5sLmdvdoITYWJiaXgubnNsczIuYm5sLmdvdoIPcHgubnNscy5ibmwuZ292 MAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEUGA1Ud HwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3Nvcmdh bml6YXRpb252YWxnMi5jcmwwgZYGCCsGAQUFBwEBBIGJMIGGMEcGCCsGAQUFBzAC hjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc29yZ2FuaXph dGlvbnZhbGcyLmNydDA7BggrBgEFBQcwAYYvaHR0cDovL29jc3AyLmdsb2JhbHNp Z24uY29tL2dzb3JnYW5pemF0aW9udmFsZzIwHQYDVR0OBBYEFGlydNji03C0ww5M X4COYb8J0HS0MB8GA1UdIwQYMBaAFF1Gso3ES3Qcu+31c7Y6tziPdZ5+MA0GCSqG SIb3DQEBBQUAA4IBAQC8nXDFFGOG5xeP/YFy+yd2vvIeAw+WGDBJKlot8Kjby5XX LrTHHWbrOAZrP6Dq1i7WjC7B6vaqGjDgYd7R9tNw71mWc5Hma2px3/r1REkFw3QB yEADodO2SlS0dpsqcNgA3XSPFHemrY8kUSSY4C70J+lIzUctyv4sxrzLIRaMW+nf B6lzOTs9uFgGMEIQIIspQCPOisM54EN1EKeJ77FswNzYB2UIni6bzOi+6bto4qYi hVv9AqjTiwwQaeDHE0OQZeHfYXHCjfNJ6ev8MfAeDTju/IASyQjNUp9GwV+26OAp 6TRzFk1pcT5/ai+SgxLV+ITA8rXGTm5zWAzYfanC -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0I/Eo/bqEH1FNVjFEdM Hkq3Uo/+MGCet7IoL263m1Iv9ekI2MQE+mE/l2rPB52JRQ36VVeFY2jfaoQrJgRT mzkQZ6kmd2fNq1efIUArZUuOxfN+UKqyk/PEabl/UEoM3wYvv2LjRWGA4sRRO85e rSsGomaDrlhuvEkdWSJJUDEkhw695nObkRWlJFXp241xqqx52jVB4X88e3pN8bsC XSbaIe2dhwu9zBosolTlb64iOY1Lf5bRtsutZp0cglovHaxFB3u4QtQBUjbq94l9 ruzZVTEiMixpaFJXdW2hOyCung2ALfd++it8Qjq5wvs4yzDqXouGzymas681HxK/ 6QIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1492372891983728136090680434302180006207329 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-06-14 14:10:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-07-19 15:33:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Upton' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Brookhaven National Laboratory' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.px.nsls.bnl.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21114464235349182454370855768400021624141938550526459580640088751209509098257235332234098501780121466086662604495054694373379460505370950565811881848939167543522305095282750674894112686261305327007206739842842886967512486856335544766714842097531442065486498366151445134977004677789752478868208519193693559013714231441555264416422771483286890124881125513952399973907024760762770950816962780062491239928457292357086423410823246759119164021463414976668492075843587267574914450633064865552471168445765596497855266782588632669295962947838242197042490682179161321990171134646751796241572351815637119247708841606561907523561 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.px.nsls.bnl.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cssb.bnl.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cssb.bnl.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abbix.nsls2.bnl.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'abbix.nsls2.bnl.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'px.nsls.bnl.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalg2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (137 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalg2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalg2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 697274d8e2d370b4c30e4c5f808e61bf09d074b4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5d46b28dc44b741cbbedf573b63ab7388f759e7e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bc9d70c5146386e7178ffd8172fb2776bef21e030f961830492a5a2df0a8dbcb95d72eb4c71d66eb38066b3fa0ead62ed68c2ec1eaf6aa1a30e061ded1f6d370ef59967391e66b6a71dffaf5444905c37401c84003a1d3b64a54b4769b2a70d800dd748f1477a6ad8f24512498e02ef427e948cd472dcafe2cc6bccb21168c5be9df07a973393b3db85806304210208b294023ce8ac339e0437510a789efb16cc0dcd80765089e2e9bcce8bee9bb68e2a622855bfd02a8d38b0c1069e0c713439065e1df6171c28df349e9ebfc31f01e0d38eefc8012c908cd529f46c15fb6e8e029e93473164d69713e7f6a2f928312d5f884c0f2b5c64e6e73580cd87da9c2