Telia Root CA v2 OCSP responder

- Telia Finland Oyj -

Issued by Telia Root CA v2

About this certificate

This digital certificate with serial number 01:7e:52:99:93:f1:8a:b6:df:c9:dc:5d:87:c1:db was issued on by Telia Finland Oyj.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DigitalSignature KeyEncipherment] (00000101) inconsistent with ExtKeyUsage ocspSigning The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Certificate had 0 embedded SCTs. Browser policy may require 4 for this certificate. Check if certificate has enough embedded SCTs to meet Apple CT Policy (https://support.apple.com/en-us/HT205280)

Telia Finland Oyj

Organization: Telia Finland Oyj
Country: FI

Telia Finland Oyj

Organization: Telia Finland Oyj
Country: FI

This certificate will expire on

Certificate Details

Serial Number (hex): 01:7e:52:99:93:f1:8a:b6:df:c9:dc:5d:87:c1:db
Serial Number (int): 7754424707980355077303263591645659
Serial Number lenght: 113 bits, 15 octets

SubjectKeyId: 6b:b9:8a:05:e8:3f:8c:f1:75:00:2e:6b:23:5c:c4:7e:1d:41:d4:f4
AuthorityKeyId: 72:ac:e4:33:79:aa:45:87:f6:fd:ac:1d:9e:d6:c7:2f:86:d8:24:39

Fingerprint (sha1): 8d:a5:2a:7c:6f:37:d8:ce:33:96:de:d1:3b:b4:0e:b1:5e:e4:6f:33
Fingerprint (sha256): 6c:73:3d:d5:5a:d7:60:a5:ec:0e:ef:28:36:b8:10:d8:96:ee:99:a5:f4:db:0e:fe:4e:60:f5:0c:05:52:33:5f


Revocation information


Check the revocation status for certificate Telia Root CA v2 OCSP responder

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for Telia Root CA v2 OCSP responder

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

OCSP Signing

Extensions

5 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for Telia Root CA v2 OCSP responder in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEmzCCAoOgAwIBAgIPAX5SmZPxirbfydxdh8HbMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0yMjAxMTMwODQxMDhaFw0yNTAxMTIwODQx
MDhaMFMxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEo
MCYGA1UEAwwfVGVsaWEgUm9vdCBDQSB2MiBPQ1NQIHJlc3BvbmRlcjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfPapU/6NiyMvdHDZd64Ywgi+35ntZG
5xx/i1uykEzZciDNZkTMUBVE7ucEHVaID6/RqrvKLNSRGotNeL4XX3XourneIoS5
T0VGE34qvD+P76nTiTYauqRv/54hNPoKDjb2MszWMvj30JKU22e5sv00slJMaQqn
hOUfi4Q4f6O5SAHWhLVi8JxljSnBItGl6YuDrMvEYEn8wEjwf00ZZblYdhhK/2Xu
OmoAW93v9BrhitI8Y1CE63D+mpTen+hCyPRwjUfrDFVtUIaQiQltt+hOrlVkkpSh
DiuAQ6TrXGMpel0hvvVTbNxrUx8AoZSIg1AmgGEWCYBwNPp+k9OlTBsCAwEAAaN7
MHkwHwYDVR0jBBgwFoAUcqzkM3mqRYf2/awdntbHL4bYJDkwHQYDVR0OBBYEFGu5
igXoP4zxdQAuayNcxH4dQdT0MA4GA1UdDwEB/wQEAwIFoDAWBgNVHSUBAf8EDDAK
BggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQBD
0anZMyW+VtuMDvpIaik4Uf1NS0NcnVVYXvBMrIqzsuZQJTQJsyo3bFtoJZ0R3HCD
zNIfmTCX2rt+yoQwii4gAk/yvRhHU1C5gRhAhubKSYcp95mgQQyT9Ysj5LF7/dE4
ltrnZVuyknnRE8Bxr02Gokz15whHWXQQG1GhqlzKUhI1cllsfKmOsaFsFNnhujfs
JQeNn3gMiLCRYyxQyove4zVu34DnBdS54mTlnfbPpeefk0pU/5ZYoSR+GK227Sn8
2Xzsv3SPN+Sd4qucDPOX//MPbWyAUnycx1+L5aOshWo4V+m1xeEiekb1gb8flor/
sHAC7bMn06ZUKmkjbk3/16QtgfSbIhNWkDxIY6lmM99Axtjvj6DBc9LkzHxu1K8y
O5E8vOcRCkB2eyLTAJz9P6GyEyTGEt4W9z4soVCy37O0Nk6XRY2kYHLgxOY/2q1X
1u/HqbMQ1JYfkBMjLZ60oWxGE5zD5fPZr1lVKOyXslF4CFZNcovQdKfm76oRIMVJ
uEFZ5MwD2AjvkGmIiE9rSYbkU8AtzUEkAbuoInUELL1kUyqwFtRlnPMUa5WHnBnr
YLT+WU0m8RhXkn/Temh79daNj2nY3GpsPv/YgLkP/3mXp5HTyqalhH+AF43JlcYq
aMFpHkU4CVtGJNUXvCZzbO7mF58ViSkLHALahFc89A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx89qlT/o2LIy90cNl3rh
jCCL7fme1kbnHH+LW7KQTNlyIM1mRMxQFUTu5wQdVogPr9Gqu8os1JEai014vhdf
dei6ud4ihLlPRUYTfiq8P4/vqdOJNhq6pG//niE0+goONvYyzNYy+PfQkpTbZ7my
/TSyUkxpCqeE5R+LhDh/o7lIAdaEtWLwnGWNKcEi0aXpi4Osy8RgSfzASPB/TRll
uVh2GEr/Ze46agBb3e/0GuGK0jxjUITrcP6alN6f6ELI9HCNR+sMVW1QhpCJCW23
6E6uVWSSlKEOK4BDpOtcYyl6XSG+9VNs3GtTHwChlIiDUCaAYRYJgHA0+n6T06VM
GwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7754424707980355077303263591645659
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Finland Oyj'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Root CA v2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-13 08:41:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-12 08:41:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FI'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Finland Oyj'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Telia Root CA v2 OCSP responder'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25223703497492974127835672613308910683413991372843311432691604957896759142113314889138527023050454321491001034848351558960479772008852733911127929122990773931036683145079428165037521703941649396898442815080178496410795901080060631352075628078713734658726201562534584636624784667706361233544557735159026227863258356324043503411961586709144878632745187201721410905618017709177069707923444947863224189026893113111481720945988116591712787646249276249932360671781623887153645865999508473936661291129792266228370957782936330918598050929535726154771406474645092659253744790863951606718075769499537257704831097757154513603611
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 72ace43379aa4587f6fdac1d9ed6c72f86d82439
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6bb98a05e83f8cf175002e6b235cc47e1d41d4f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.9 (ocspSigning)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1.5 (ocspNoCheck)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0043d1a9d93325be56db8c0efa486a293851fd4d4b435c9d55585ef04cac8ab3b2e650253409b32a376c5b68259d11dc7083ccd21f993097dabb7eca84308a2e20024ff2bd18475350b981184086e6ca498729f799a0410c93f58b23e4b17bfdd13896dae7655bb29279d113c071af4d86a24cf5e708475974101b51a1aa5cca52123572596c7ca98eb1a16c14d9e1ba37ec25078d9f780c88b091632c50ca8bdee3356edf80e705d4b9e264e59df6cfa5e79f934a54ff9658a1247e18adb6ed29fcd97cecbf748f37e49de2ab9c0cf397fff30f6d6c80527c9cc75f8be5a3ac856a3857e9b5c5e1227a46f581bf1f968affb07002edb327d3a6542a69236e4dffd7a42d81f49b221356903c4863a96633df40c6d8ef8fa0c173d2e4cc7c6ed4af323b913cbce7110a40767b22d3009cfd3fa1b21324c612de16f73e2ca150b2dfb3b4364e97458da46072e0c4e63fdaad57d6efc7a9b310d4961f9013232d9eb4a16c46139cc3e5f3d9af595528ec97b2517808564d728bd074a7e6efaa1120c549b84159e4cc03d808ef906988884f6b4986e453c02dcd412401bba82275042cbd64532ab016d4659cf3146b95879c19eb60b4fe594d26f11857927fd37a687bf5d68d8f69d8dc6a6c3effd880b90fff7997a791d3caa6a5847f80178dc995c62a68c1691e4538095b4624d517bc26736ceee6179f1589290b1c02da84573cf4