*.ext.geicoddc.net
- Government Employees Insurance Company -
Issued by Trustwave Organization Validation CA, Level 2
About this certificate
This digital certificate with serial number 06:59:7f:94:cd:ff:b0:07:2c:04:f8:4a:d6:9a:2e:95:8f:a2:07 was issued on by Trustwave Holdings, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Government Employees Insurance Company
Organization:
Government Employees Insurance Company
State / Province:
Maryland
Locality: Chevy Chase
Country: US
Locality: Chevy Chase
Country: US
Trustwave Holdings, Inc.
Organization:
Trustwave Holdings, Inc.
State / Province:
Illinois
Locality: Chicago
Country: US
Locality: Chicago
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:59:7f:94:cd:ff:b0:07:2c:04:f8:4a:d6:9a:2e:95:8f:a2:07Serial Number (int): 141600878295059552977957499824067144324194823
Serial Number lenght: 147 bits, 19 octets
SubjectKeyId: 81:43:06:fc:1f:c3:69:a8:b8:64:8c:a9:ea:47:bd:86:c4:a7:4a:36
AuthorityKeyId: 5d:d9:96:9a:40:c7:27:cb:2c:9b:a2:ec:cf:19:ab:c8:af:cc:86:48
Fingerprint (sha1): 0c:d6:7e:e0:a4:4f:0e:f8:fa:8c:31:a2:d9:60:1e:9a:8a:22:fd:f2
Fingerprint (sha256): 66:f8:51:bb:72:7c:a8:9c:de:4e:ff:77:ab:34:a0:c3:e3:93:f3:da:40:a3:ee:00:3a:20:64:68:e3:1b:69:ab
Issuing Certificate URL: http://ssl.trustwave.com/issuers/OVCA_L2.crt
Revocation information
OCSP Server: http://ocsp.trustwave.com/CRL Distribution Point: http://crl.trustwave.com/OVCA_L2.crl
Check the revocation status for certificate *.ext.geicoddc.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.ext.geicoddc.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.ext.geicoddc.net
Other certificates including the domain name geicoddc.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.ext.geicoddc.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgITBll/lM3/sAcsBPhK1poulY+iBzANBgkqhkiG9w0BAQUF ADCBrjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdD aGljYWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xNjA0BgNV BAMTLVRydXN0d2F2ZSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSwgTGV2ZWwg MjEfMB0GCSqGSIb3DQEJARYQY2FAdHJ1c3R3YXZlLmNvbTAeFw0xNDExMTQxNzQ2 MjJaFw0xNjExMTQyMzQ2MjJaMIGEMRswGQYDVQQDDBIqLmV4dC5nZWljb2RkYy5u ZXQxLzAtBgNVBAoMJkdvdmVybm1lbnQgRW1wbG95ZWVzIEluc3VyYW5jZSBDb21w YW55MRQwEgYDVQQHDAtDaGV2eSBDaGFzZTERMA8GA1UECAwITWFyeWxhbmQxCzAJ BgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3QWfbRf k5VvveIrEbzcONJPgELkqUrSYPkQkkuvXYcFrNtIHDguvkAR5RO6DIHxzYUVtA2B IYTmBf4OUIZf4u5zG0O+aBn7jXtVCFzsYaNSnqq3UWyqr0W6wyDoQw+QH87fiqU6 204P0ONKtUT0G5g9uUeFGY0wvymv1u7hkmQCYUt1n+drDn7ZC0mi+bys06e7zNZA VobDY7kbd4JML1rnoCUC3LbQJhlkDNO2Oe9Uj8+OTIuWkuttvWn9nCk5m1oPqiDt kLGnPxjPQSLUnSsM+2d+Eks42x/wXGnyGqMsPQLMNaBB/43Yn8wDOKzODMswY3xl i7ehgPcTYpxH8QIDAQABo4IBgjCCAX4wCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDATAdBgNVHQ4EFgQUgUMG/B/Daai4ZIyp6ke9hsSn SjYwHwYDVR0jBBgwFoAUXdmWmkDHJ8ssm6LszxmryK/MhkgwSAYDVR0gBEEwPzA9 Bg8rBgEEAYHtGAMDAwMEBAMwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9zc2wudHJ1 c3R3YXZlLmNvbS9DQTAdBgNVHREEFjAUghIqLmV4dC5nZWljb2RkYy5uZXQwNQYD VR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC50cnVzdHdhdmUuY29tL09WQ0FfTDIu Y3JsMHAGCCsGAQUFBwEBBGQwYjAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudHJ1 c3R3YXZlLmNvbS8wOAYIKwYBBQUHMAKGLGh0dHA6Ly9zc2wudHJ1c3R3YXZlLmNv bS9pc3N1ZXJzL09WQ0FfTDIuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQDgZo0ST4Gf UkFHtC3biXlj16/abgm3D53rFuxDt74bV2QAWKL6r1sPGyx8E+SkjuddW9EwUpmW IGRFG8Gzdsb3GPiFV9mBDL5mNsNSE3YEN0Tdpo8RKXNZKUPx+OKiY4LCQdTR5olC AAleXMm99plVF9qiip+RBOHUl0mL97iUsveMRZ0k3dWSgY+uSXNhebYwdl9MMfpV NUabEXxreKAasmbAuoCMYnRbMzZv+b36SI1uw65Cj1S0gyYk6veqDxMDkIVcEEtI nOy9BV4Ju8guz3piUPgbHDSlpyZMfAwd+zJvggvWevSQ8O7XhqqPhhuTVr6+mHY/ MImM1fB21Z3G -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3QWfbRfk5VvveIrEbzc ONJPgELkqUrSYPkQkkuvXYcFrNtIHDguvkAR5RO6DIHxzYUVtA2BIYTmBf4OUIZf 4u5zG0O+aBn7jXtVCFzsYaNSnqq3UWyqr0W6wyDoQw+QH87fiqU6204P0ONKtUT0 G5g9uUeFGY0wvymv1u7hkmQCYUt1n+drDn7ZC0mi+bys06e7zNZAVobDY7kbd4JM L1rnoCUC3LbQJhlkDNO2Oe9Uj8+OTIuWkuttvWn9nCk5m1oPqiDtkLGnPxjPQSLU nSsM+2d+Eks42x/wXGnyGqMsPQLMNaBB/43Yn8wDOKzODMswY3xli7ehgPcTYpxH 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 141600878295059552977957499824067144324194823 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trustwave Holdings, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trustwave Organization Validation CA, Level 2' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-14 17:46:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-14 23:46:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ext.geicoddc.net' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Employees Insurance Company' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Chevy Chase' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23663808083801608783088198965827203938016861731856346176986231710588305913508111455991316874735692477656750642725568497497780582482043368238138142564127619795949481385087574335517557678872418251399089537487867809575137594788128074950290069905636532438198987572677590190191503689688100428640921478730831958205968107462493285585870293024050292500485680062624005520141417847665997360438036596962725601487635796837945206926481132691994605116616205601025131043533551984247834200406286017191519986480073457360014823821742914681020533806228039171913015557819477418703620661520570370578364156508596242915546304015585022593009 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 814306fc1fc369a8b8648ca9ea47bd86c4a74a36 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5dd9969a40c727cb2c9ba2eccf19abc8afcc8648 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.30360.3.3.3.3.4.4.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://ssl.trustwave.com/CA' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ext.geicoddc.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.trustwave.com/OVCA_L2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.trustwave.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ssl.trustwave.com/issuers/OVCA_L2.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00e0668d124f819f524147b42ddb897963d7afda6e09b70f9deb16ec43b7be1b57640058a2faaf5b0f1b2c7c13e4a48ee75d5bd1305299962064451bc1b376c6f718f88557d9810cbe6636c3521376043744dda68f112973592943f1f8e2a26382c241d4d1e6894200095e5cc9bdf6995517daa28a9f9104e1d497498bf7b894b2f78c459d24ddd592818fae49736179b630765f4c31fa5535469b117c6b78a01ab266c0ba808c62745b33366ff9bdfa488d6ec3ae428f54b4832624eaf7aa0f130390855c104b489cecbd055e09bbc82ecf7a6250f81b1c34a5a7264c7c0c1dfb326f820bd67af490f0eed786aa8f861b9356bebe98763f30898cd5f076d59dc6