KEYNECTIS Extended Validation CA

Issued by OpenTrust Root CA G2

About this certificate


This digital certificate with serial number 11:20:5c:16:8d:c3:e1:bf:a4:ab:f1:83:3a:3b:a4:ba:3c:e9 was issued on by OpenTrust .

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • ERROR: Certificate contains no Authority Info Access Issuers
  • ERROR: Certificate has key usage [CertSign] set
  • ERROR: Certificate has key usage [CRLSign] set

Certplus

Organization: Certplus
Organization unit: Entity of KEYNECTIS for CA services
Country: FR

OpenTrust

Organization: OpenTrust
Country: FR

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 11:20:5c:16:8d:c3:e1:bf:a4:ab:f1:83:3a:3b:a4:ba:3c:e9
Serial Number (int): 1491920302662876435464797580787914899078377
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: 13:c1:32:2e:92:5c:ae:cd:6d:8f:a2:f3:e0:b4:49:b4:86:f4:a2:5c
AuthorityKeyId: 6a:39:fa:42:22:f7:e6:89:00:4d:5e:7d:33:83:cb:b8:6e:77:86:af

Fingerprint (sha1): d5:37:00:9f:ac:f7:e5:e6:c8:58:ef:64:70:95:c3:4a:72:f2:a5:9d
Fingerprint (sha256): ef:7d:16:6e:93:ef:08:09:0b:a8:0a:99:a2:f8:34:7f:be:37:fa:e2:97:eb:bb:4d:e8:bc:99:f7:03:33:1e:2b


Revocation information

OCSP Server: http://get-ocsp.certificat.com/opentrustrootcag2
CRL Distribution Point: http://get-crl.certificat.com/public/opentrustrootcag2.crl

Check the revocation status for the current certificate on KEYNECTIS Extended Validation CA
0
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA512 with RSA



Key Usage

Cert Sign
CRL Sign

Extended Key Usages

Extensions

7 extensions
No unhandled critical extensions



CA Certificate

This is a CA certificate
Maximum Path Lenght:

0

Subject Alternative Names

This certificate doesn't contain any subject alternative names (DNS Name).

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFiTCCA3GgAwIBAgISESBcFo3D4b+kq/GDOjukujzpMA0GCSqGSIb3DQEBDQUA MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjEwMzA1MloXDTE5MDcwMTAwMDAw MFoweTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMSwwKgYDVQQLEyNF bnRpdHkgb2YgS0VZTkVDVElTIGZvciBDQSBzZXJ2aWNlczEpMCcGA1UEAxMgS0VZ TkVDVElTIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC2Xnrj5ArxGwGJofyvreUvxGq3eF2WQhxxoAWcCpLuJ3Kl Lc/PUxUMPryInRdxfHuxF2082bPNo0XBEWJmpqREX4KMmcdIuIPqP6Ajwt9kfPZ2 jwdAXpmnF6urfqHRBuFr+9D4pNpoMUqKzI8zXhpTo7e2x6ZDKaig3RVFo4CiTapi /pBMiNHGMm4nzOai+f0K42CcIl7rLq+jMjpde//E2YsocQJYrXcpeZo8B/wxnGFY v2YwnvAjhk+secQZftQJ89UsoA5+YVgGG8b3LIloYctWG1XCoGDbS81iV22Tn13K ObCxhIFAzvBpELlmJavV4Q+mP7MUc+z6TV4bYrixAgMBAAGjggFCMIIBPjAOBgNV HQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0 dHA6Ly93d3cub3BlbnRydXN0LmNvbS9QQy8wEgYDVR0TAQH/BAgwBgEB/wIBADBL BgNVHR8ERDBCMECgPqA8hjpodHRwOi8vZ2V0LWNybC5jZXJ0aWZpY2F0LmNvbS9w dWJsaWMvb3BlbnRydXN0cm9vdGNhZzIuY3JsMEwGCCsGAQUFBwEBBEAwPjA8Bggr BgEFBQcwAYYwaHR0cDovL2dldC1vY3NwLmNlcnRpZmljYXQuY29tL29wZW50cnVz dHJvb3RjYWcyMB0GA1UdDgQWBBQTwTIuklyuzW2PovPgtEm0hvSiXDAfBgNVHSME GDAWgBRqOfpCIvfmiQBNXn0zg8u4bneGrzANBgkqhkiG9w0BAQ0FAAOCAgEAB3Cw S/7JWzxzTK/4klUr2A0HBxR3JCdCtg4LmPQhpJQzxo+PBpAEuQ/1EdR69tvJ0k6U 0CpbqSuBcW3c/tpG0E/MQTZA8mFgfteBaDkNPhDgL9QCO02LdPBazpnBvmGgv5jM 8XchCTlVtK+dOAoPh+OSk1dTtZ33SOaMP8oPDt4+2VzYyXNUi+zebig22mdcwktA QawMomw8L9rmn5qusmZxRn5ODtxiMWEN43G0RbbnzDz90u+Fa0gWAzjZbm+pTUpC UuKcSIBX7yyPtfoENzGCwU9W904Q9GniMQ68zJWRfq/2lakYoAcZBHsb7Re/yKnx /phHLyMsgoV+5VGufI5uL6HlvgvAlfjvvRWE32B+1pSrruS79yv2MCEZfPPHXKou KDuPtNRrv9SrMaRvFTginno+HxVJIsmiTH0wElQLwYHJN2mvlGBGltAY1q5Noa1a n2yZpTFs82XmVQR3qfwqLE2s43WbJYZoxnNAhBfqxT1QUPwQkINYAMVBsbRr8rRM pstam1UPMDrFgKfkVEAU8r3ROTMcilzdEo71mnCLvrFMiq96rTSL1JWZ5cvAyHjL dpi0dgCybEPUp5B9IEqqbGP65rEhEAQcPJ8zLGneSNsm+rZ4T2508yIxiWXuMwsg F3ujb6nutS8O3YHTvAkxrqsF/elFNAkq37UpEFI= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl564+QK8RsBiaH8r63l L8Rqt3hdlkIccaAFnAqS7idypS3Pz1MVDD68iJ0XcXx7sRdtPNmzzaNFwRFiZqak RF+CjJnHSLiD6j+gI8LfZHz2do8HQF6Zpxerq36h0Qbha/vQ+KTaaDFKisyPM14a U6O3tsemQymooN0VRaOAok2qYv6QTIjRxjJuJ8zmovn9CuNgnCJe6y6vozI6XXv/ xNmLKHECWK13KXmaPAf8MZxhWL9mMJ7wI4ZPrHnEGX7UCfPVLKAOfmFYBhvG9yyJ aGHLVhtVwqBg20vNYldtk59dyjmwsYSBQM7waRC5ZiWr1eEPpj+zFHPs+k1eG2K4 sQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1491920302662876435464797580787914899078377 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OpenTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OpenTrust Root CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-05-26 10:30:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-01 00:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Certplus' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entity of KEYNECTIS for CA services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'KEYNECTIS Extended Validation CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23021961347893820407283137641966383490680564714760745294866826730764440008225302874463656696002463129455907101854668189299129119310308374913563740678415285891794259047275601342895837375049425981927212943552238701120221566332303151304067802791816824729556757229274947303887466623580262223156757551430115588160468335486118254982663238399769240644055230996708742203096280235785606694063570608906731610886729218753979629308217427133821509451346180129551273877300447869033969343914041434597400094030075392733030873578939220879775203198499494861293909273562716582643119731249079867528301378440226931592718557950218430757041 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (7 bits) 0106 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32.0 (anyPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.opentrust.com/PC/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (8 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://get-crl.certificat.com/public/opentrustrootcag2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://get-ocsp.certificat.com/opentrustrootcag2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 13c1322e925caecd6d8fa2f3e0b449b486f4a25c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6a39fa4222f7e689004d5e7d3383cbb86e7786af . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000770b04bfec95b3c734caff892552bd80d07071477242742b60e0b98f421a49433c68f8f069004b90ff511d47af6dbc9d24e94d02a5ba92b81716ddcfeda46d04fcc413640f261607ed78168390d3e10e02fd4023b4d8b74f05ace99c1be61a0bf98ccf17721093955b4af9d380a0f87e392935753b59df748e68c3fca0f0ede3ed95cd8c973548becde6e2836da675cc24b4041ac0ca26c3c2fdae69f9aaeb26671467e4e0edc6231610de371b445b6e7cc3cfdd2ef856b48160338d96e6fa94d4a4252e29c488057ef2c8fb5fa04373182c14f56f74e10f469e2310ebccc95917eaff695a918a00719047b1bed17bfc8a9f1fe98472f232c82857ee551ae7c8e6e2fa1e5be0bc095f8efbd1584df607ed694abaee4bbf72bf63021197cf3c75caa2e283b8fb4d46bbfd4ab31a46f1538229e7a3e1f154922c9a24c7d3012540bc181c93769af94604696d018d6ae4da1ad5a9f6c99a5316cf365e6550477a9fc2a2c4dace3759b258668c673408417eac53d5050fc1090835800c541b1b46bf2b44ca6cb5a9b550f303ac580a7e4544014f2bdd139331c8a5cdd128ef59a708bbeb14c8aaf7aad348bd49599e5cbc0c878cb7698b47600b26c43d4a7907d204aaa6c63fae6b12110041c3c9f332c69de48db26fab6784f6e74f322318965ee330b20177ba36fa9eeb52f0edd81d3bc0931aeab05fde94534092adfb5291052