This digital certificate with serial number
3c:f5:5b:e7 was issued on
This certificate has already expired and will cause a warning
or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.
If we have found any compliance issues with this certificate they will be shown
below. I hope this certificate review is providing you the detailed information in a simple form you where looking
We have idenified some issues with this certificate:
The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types
Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder.
Subscriber Certiifcate: authorityInformationAccess MUST be present, with the exception of stapling.
Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards
Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical.
Subscriber certificate cRLDistributionPoints extension must contain the HTTP URL of the CA’s CRL service
Subscriber Certificate: commonName is deprecated.
When present in the CRLDistributionPoints extension, DistributionPointName SHOULD include at least one LDAP or HTTP URI
(RFC 5280: 126.96.36.199)
The keyUsage extension SHOULD be critical
(RFC 5280: 188.8.131.52)
Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate