Telia Root CA v2 OCSP responder
- Telia Finland Oyj -
Issued by Telia Root CA v2
About this certificate
This digital certificate with serial number 01:7e:52:99:93:f1:8a:b6:df:c9:dc:5d:87:c1:db was issued on by Telia Finland Oyj.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DigitalSignature KeyEncipherment] (00000101) inconsistent with ExtKeyUsage ocspSigning The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Certificate had 0 embedded SCTs. Browser policy may require 4 for this certificate. Check if certificate has enough embedded SCTs to meet Apple CT Policy (https://support.apple.com/en-us/HT205280)
Telia Finland Oyj
Organization:
Telia Finland Oyj
Country:
FI
Telia Finland Oyj
Organization:
Telia Finland Oyj
Country:
FI
This certificate will expire on
Certificate Details
Serial Number (hex): 01:7e:52:99:93:f1:8a:b6:df:c9:dc:5d:87:c1:dbSerial Number (int): 7754424707980355077303263591645659
Serial Number lenght: 113 bits, 15 octets
SubjectKeyId: 6b:b9:8a:05:e8:3f:8c:f1:75:00:2e:6b:23:5c:c4:7e:1d:41:d4:f4
AuthorityKeyId: 72:ac:e4:33:79:aa:45:87:f6:fd:ac:1d:9e:d6:c7:2f:86:d8:24:39
Fingerprint (sha1): 8d:a5:2a:7c:6f:37:d8:ce:33:96:de:d1:3b:b4:0e:b1:5e:e4:6f:33
Fingerprint (sha256): 6c:73:3d:d5:5a:d7:60:a5:ec:0e:ef:28:36:b8:10:d8:96:ee:99:a5:f4:db:0e:fe:4e:60:f5:0c:05:52:33:5f
Revocation information
Check the revocation status for certificate Telia Root CA v2 OCSP responder
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for Telia Root CA v2 OCSP responder
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
OCSP Signing
Extensions
5 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name
(limited to 100 certificates)
Certificate
The complete raw certificate details for Telia Root CA v2 OCSP responder in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEmzCCAoOgAwIBAgIPAX5SmZPxirbfydxdh8HbMA0GCSqGSIb3DQEBCwUAMEQx CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0yMjAxMTMwODQxMDhaFw0yNTAxMTIwODQx MDhaMFMxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEo MCYGA1UEAwwfVGVsaWEgUm9vdCBDQSB2MiBPQ1NQIHJlc3BvbmRlcjCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfPapU/6NiyMvdHDZd64Ywgi+35ntZG 5xx/i1uykEzZciDNZkTMUBVE7ucEHVaID6/RqrvKLNSRGotNeL4XX3XourneIoS5 T0VGE34qvD+P76nTiTYauqRv/54hNPoKDjb2MszWMvj30JKU22e5sv00slJMaQqn hOUfi4Q4f6O5SAHWhLVi8JxljSnBItGl6YuDrMvEYEn8wEjwf00ZZblYdhhK/2Xu OmoAW93v9BrhitI8Y1CE63D+mpTen+hCyPRwjUfrDFVtUIaQiQltt+hOrlVkkpSh DiuAQ6TrXGMpel0hvvVTbNxrUx8AoZSIg1AmgGEWCYBwNPp+k9OlTBsCAwEAAaN7 MHkwHwYDVR0jBBgwFoAUcqzkM3mqRYf2/awdntbHL4bYJDkwHQYDVR0OBBYEFGu5 igXoP4zxdQAuayNcxH4dQdT0MA4GA1UdDwEB/wQEAwIFoDAWBgNVHSUBAf8EDDAK BggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQBD 0anZMyW+VtuMDvpIaik4Uf1NS0NcnVVYXvBMrIqzsuZQJTQJsyo3bFtoJZ0R3HCD zNIfmTCX2rt+yoQwii4gAk/yvRhHU1C5gRhAhubKSYcp95mgQQyT9Ysj5LF7/dE4 ltrnZVuyknnRE8Bxr02Gokz15whHWXQQG1GhqlzKUhI1cllsfKmOsaFsFNnhujfs JQeNn3gMiLCRYyxQyove4zVu34DnBdS54mTlnfbPpeefk0pU/5ZYoSR+GK227Sn8 2Xzsv3SPN+Sd4qucDPOX//MPbWyAUnycx1+L5aOshWo4V+m1xeEiekb1gb8flor/ sHAC7bMn06ZUKmkjbk3/16QtgfSbIhNWkDxIY6lmM99Axtjvj6DBc9LkzHxu1K8y O5E8vOcRCkB2eyLTAJz9P6GyEyTGEt4W9z4soVCy37O0Nk6XRY2kYHLgxOY/2q1X 1u/HqbMQ1JYfkBMjLZ60oWxGE5zD5fPZr1lVKOyXslF4CFZNcovQdKfm76oRIMVJ uEFZ5MwD2AjvkGmIiE9rSYbkU8AtzUEkAbuoInUELL1kUyqwFtRlnPMUa5WHnBnr YLT+WU0m8RhXkn/Temh79daNj2nY3GpsPv/YgLkP/3mXp5HTyqalhH+AF43JlcYq aMFpHkU4CVtGJNUXvCZzbO7mF58ViSkLHALahFc89A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx89qlT/o2LIy90cNl3rh jCCL7fme1kbnHH+LW7KQTNlyIM1mRMxQFUTu5wQdVogPr9Gqu8os1JEai014vhdf dei6ud4ihLlPRUYTfiq8P4/vqdOJNhq6pG//niE0+goONvYyzNYy+PfQkpTbZ7my /TSyUkxpCqeE5R+LhDh/o7lIAdaEtWLwnGWNKcEi0aXpi4Osy8RgSfzASPB/TRll uVh2GEr/Ze46agBb3e/0GuGK0jxjUITrcP6alN6f6ELI9HCNR+sMVW1QhpCJCW23 6E6uVWSSlKEOK4BDpOtcYyl6XSG+9VNs3GtTHwChlIiDUCaAYRYJgHA0+n6T06VM GwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7754424707980355077303263591645659 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Finland Oyj' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Root CA v2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-13 08:41:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-12 08:41:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Finland Oyj' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Root CA v2 OCSP responder' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25223703497492974127835672613308910683413991372843311432691604957896759142113314889138527023050454321491001034848351558960479772008852733911127929122990773931036683145079428165037521703941649396898442815080178496410795901080060631352075628078713734658726201562534584636624784667706361233544557735159026227863258356324043503411961586709144878632745187201721410905618017709177069707923444947863224189026893113111481720945988116591712787646249276249932360671781623887153645865999508473936661291129792266228370957782936330918598050929535726154771406474645092659253744790863951606718075769499537257704831097757154513603611 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 72ace43379aa4587f6fdac1d9ed6c72f86d82439 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6bb98a05e83f8cf175002e6b235cc47e1d41d4f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.9 (ocspSigning) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1.5 (ocspNoCheck) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0043d1a9d93325be56db8c0efa486a293851fd4d4b435c9d55585ef04cac8ab3b2e650253409b32a376c5b68259d11dc7083ccd21f993097dabb7eca84308a2e20024ff2bd18475350b981184086e6ca498729f799a0410c93f58b23e4b17bfdd13896dae7655bb29279d113c071af4d86a24cf5e708475974101b51a1aa5cca52123572596c7ca98eb1a16c14d9e1ba37ec25078d9f780c88b091632c50ca8bdee3356edf80e705d4b9e264e59df6cfa5e79f934a54ff9658a1247e18adb6ed29fcd97cecbf748f37e49de2ab9c0cf397fff30f6d6c80527c9cc75f8be5a3ac856a3857e9b5c5e1227a46f581bf1f968affb07002edb327d3a6542a69236e4dffd7a42d81f49b221356903c4863a96633df40c6d8ef8fa0c173d2e4cc7c6ed4af323b913cbce7110a40767b22d3009cfd3fa1b21324c612de16f73e2ca150b2dfb3b4364e97458da46072e0c4e63fdaad57d6efc7a9b310d4961f9013232d9eb4a16c46139cc3e5f3d9af595528ec97b2517808564d728bd074a7e6efaa1120c549b84159e4cc03d808ef906988884f6b4986e453c02dcd412401bba82275042cbd64532ab016d4659cf3146b95879c19eb60b4fe594d26f11857927fd37a687bf5d68d8f69d8dc6a6c3effd880b90fff7997a791d3caa6a5847f80178dc995c62a68c1691e4538095b4624d517bc26736ceee6179f1589290b1c02da84573cf4