riigikantselei.ee

Issued by KLASS3-SK 2010

About this certificate


This digital certificate with serial number 1f:fa:99:81:21:8b:58:f1:56:6a:c3:60:ab:42:89:ed was issued on by AS Sertifitseerimiskeskus .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Riigikantselei

Organization: Riigikantselei
Organization unit: TTO
State / Province: Harjumaa
Locality: Tallinn
Country: EE

AS Sertifitseerimiskeskus

Organization: AS Sertifitseerimiskeskus
Organization unit: Sertifitseerimisteenused
State / Province: Harjumaa
Locality: Tallinn
Country: EE

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 1f:fa:99:81:21:8b:58:f1:56:6a:c3:60:ab:42:89:ed
Serial Number (int): 42507255523449888045998695718345411053
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: da:3f:ab:df:aa:23:8f:d8:4e:d1:ea:f4:89:7e:7b:45:3c:96:4c:55
AuthorityKeyId: 5d:75:14:11:8c:f4:a5:8e:42:8f:7b:b2:40:44:a3:ee:d6:7a:3b:72

Fingerprint (sha1): 54:7e:01:08:59:dc:6e:7a:6b:ec:87:28:9a:92:26:27:6e:71:75:0f
Fingerprint (sha256): 04:f5:07:c7:f0:0f:df:cd:19:8c:83:70:f7:82:21:ff:2b:1b:56:3e:01:f3:41:44:8a:df:ce:31:f8:8d:ed:87

Issuing Certificate URL: http://www.sk.ee/certs/KLASS3-SK_2010_ECCRCA.pem.crt

Revocation information

OCSP Server: http://ocsp.sk.ee/ssl
CRL Distribution Point: http://www.sk.ee/crls/klass3/klass3-2010.crl

Check the revocation status for the current certificate on riigikantselei.ee
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

riigikantselei.ee
www.riigikantselei.ee

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgIQH/qZgSGLWPFWasNgq0KJ7TANBgkqhkiG9w0BAQsFADBt MQswCQYDVQQGEwJFRTEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 czEhMB8GA1UECxMYU2VydGlmaXRzZWVyaW1pc3RlZW51c2VkMRcwFQYDVQQDEw5L TEFTUzMtU0sgMjAxMDAeFw0xNTEyMTExMjM2MzhaFw0xOTAxMDkxMjM2MzhaMHUx ETAPBgNVBAgMCEhhcmp1bWFhMRAwDgYDVQQHDAdUYWxsaW5uMQswCQYDVQQGEwJF RTEXMBUGA1UECgwOUmlpZ2lrYW50c2VsZWkxDDAKBgNVBAsMA1RUTzEaMBgGA1UE AwwRcmlpZ2lrYW50c2VsZWkuZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDK72bavJ0LdccfaHI3tJyCrk7YmqwZ0iH16Kfscbd5lqJn2ebylUNW5z6g Mte8f6EumM/7P2ryVLYKyAt0K2suxTNalwLj7OstTbm7srLy1N+2xTR5Xi8lcCaD 4Xbk8k7AMAfRqGkPqAJkTc8bzTP2P7gQzlP2vbqMp9FmzE6iOWWYx0Samlq7V+Tc 2vb5Z4j/piqRZc3l9hUmtjmtJseMDH3HM05dXspBteF7KYAyNxbZSJEDezITcbSc /nnnFc81j47ToqM5TPPI0mRqbm3yxhyyV7rgLCtdK7Y5oETGoBEWQEHY1xqHwy8x qOrT4iUurgdFlaARFfqoK0cziIXTAgMBAAGjggGbMIIBlzAJBgNVHRMEAjAAMDwG A1UdIAQ1MDMwMQYKKwYBBAHOHwcBAzAjMCEGCCsGAQUFBwIBFhVodHRwczovL3d3 dy5zay5lZS9jcHMwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHwYDVR0jBBgwFoAUXXUU EYz0pY5Cj3uyQESj7tZ6O3IwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQWBBTaP6vf qiOP2E7R6vSJfntFPJZMVTAzBgNVHREELDAqghFyaWlnaWthbnRzZWxlaS5lZYIV d3d3LnJpaWdpa2FudHNlbGVpLmVlMHMGCCsGAQUFBwEBBGcwZTAhBggrBgEFBQcw AYYVaHR0cDovL29jc3Auc2suZWUvc3NsMEAGCCsGAQUFBzAChjRodHRwOi8vd3d3 LnNrLmVlL2NlcnRzL0tMQVNTMy1TS18yMDEwX0VDQ1JDQS5wZW0uY3J0MD0GA1Ud HwQ2MDQwMqAwoC6GLGh0dHA6Ly93d3cuc2suZWUvY3Jscy9rbGFzczMva2xhc3Mz LTIwMTAuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBHRayyU+v/X9dVhNMR49Bpdunx 5OZVnrht1mlkI0IM5Ia1cJKWGz8OEU96ebCyRttPxIAQSmO+fYXZysLrlPK5YaBi oBP8oqx+dX20QHlfi0scQdPZ24pCODY7q7pk64P2Jr6WdT+AWW949fKp+D1GhNq9 orQ/aKJB8tk/mKLVeD0p1avjJ7htDecH1Gtl00nC36R2Nv/jJQ8MvGchpch5iNpF XgiP6HwJH8p9N3wu5QvcV/Ufua8wU9jWgTASU/MyzqqrRcrkdjrVavtmMYLRvCGP lUcyfUrX3tEY8hGX2MPYpPPNhQK0o76xFDhmxeOBm8184QKprR1tSBVmTSH6 -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu9m2rydC3XHH2hyN7Sc gq5O2JqsGdIh9ein7HG3eZaiZ9nm8pVDVuc+oDLXvH+hLpjP+z9q8lS2CsgLdCtr LsUzWpcC4+zrLU25u7Ky8tTftsU0eV4vJXAmg+F25PJOwDAH0ahpD6gCZE3PG80z 9j+4EM5T9r26jKfRZsxOojllmMdEmppau1fk3Nr2+WeI/6YqkWXN5fYVJrY5rSbH jAx9xzNOXV7KQbXheymAMjcW2UiRA3syE3G0nP555xXPNY+O06KjOUzzyNJkam5t 8sYcsle64CwrXSu2OaBExqARFkBB2Ncah8MvMajq0+IlLq4HRZWgERX6qCtHM4iF 0wIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 42507255523449888045998695718345411053 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AS Sertifitseerimiskeskus' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sertifitseerimisteenused' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KLASS3-SK 2010' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-11 12:36:38 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-09 12:36:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Harjumaa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Tallinn' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Riigikantselei' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'TTO' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'riigikantselei.ee' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25618191018385417576448184393096114011853155392902560504917789885607330448384049850848648253654206860794194061297370608926073161616806615038152072277524524924553184533589306340509136989502720216675654685966413895526377138450203760376149671792929540641949847255251816790118479917947438210331589396335935738608596700753935325046022426160669177950222933206944410989905706243071496863959757916161296771074052233160880292293981276179507616496016665103898889912630152747471195742740162128399883011101003094446710885260992765191883715285450775744714105892639699525501321195017905190487224445233474872486728101012641449280979 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.10015.7.1.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.sk.ee/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5d7514118cf4a58e428f7bb24044a3eed67a3b72 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) da3fabdfaa238fd84ed1eaf4897e7b453c964c55 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riigikantselei.ee' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.riigikantselei.ee' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sk.ee/ssl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.sk.ee/certs/KLASS3-SK_2010_ECCRCA.pem.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.sk.ee/crls/klass3/klass3-2010.crl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004745acb253ebff5fd75584d311e3d06976e9f1e4e6559eb86dd6696423420ce486b57092961b3f0e114f7a79b0b246db4fc480104a63be7d85d9cac2eb94f2b961a062a013fca2ac7e757db440795f8b4b1c41d3d9db8a4238363babba64eb83f626be96753f80596f78f5f2a9f83d4684dabda2b43f68a241f2d93f98a2d5783d29d5abe327b86d0de707d46b65d349c2dfa47636ffe3250f0cbc6721a5c87988da455e088fe87c091fca7d377c2ee50bdc57f51fb9af3053d8d681301253f332ceaaab45cae4763ad56afb663182d1bc218f9547327d4ad7ded118f21197d8c3d8a4f3cd8502b4a3beb1143866c5e3819bcd7ce102a9ad1d6d4815664d21fa