*.patientadvocate.org
- Patient Advocate Foundation -
Issued by Thawte SSL CA
About this certificate
This digital certificate with serial number 30:62:0a:b7:04:25:37:75:b8:f3:97:1b:22:c8:41:88 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Patient Advocate Foundation
Organization:
Patient Advocate Foundation
State / Province:
Virginia
Locality: Hampton
Country: US
Locality: Hampton
Country: US
Thawte, Inc.
Organization:
Thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 30:62:0a:b7:04:25:37:75:b8:f3:97:1b:22:c8:41:88Serial Number (int): 64312006213945083830420644498766315912
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId:
Fingerprint (sha1): 18:bf:2c:e9:9a:97:d3:ff:e4:13:4e:2b:bc:4c:83:ea:57:5a:9a:8f
Fingerprint (sha256): 6f:ec:99:32:ce:18:67:d9:21:22:f6:23:ca:08:b2:2f:f1:47:71:fc:d4:7e:16:62:63:61:0f:a7:f1:12:32:39
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl
Check the revocation status for certificate *.patientadvocate.org
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.patientadvocate.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Extended Key Usages
Server Authentication
Client Authentication
Extensions
4 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name patientadvocate.org
(limited to 100 certificates)
*.patientadvocate.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
pafw.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
impact.patientadvocate.org
*.patientadvocate.org
impact.patientadvocate.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
paf.patientadvocate.org
mask17.classy.org
llsportalswa-qa.patientadvocate.org
mask17.classy.org
mask17.classy.org
*.patientadvocate.org
impact.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
paf.patientadvocate.org
impact.patientadvocate.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
pafw.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
impact.patientadvocate.org
*.patientadvocate.org
impact.patientadvocate.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
*.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
impact.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
paf.patientadvocate.org
mask17.classy.org
llsportalswa-qa.patientadvocate.org
mask17.classy.org
mask17.classy.org
*.patientadvocate.org
impact.patientadvocate.org
mask17.classy.org
mask17.classy.org
mask17.classy.org
paf.patientadvocate.org
impact.patientadvocate.org
mask17.classy.org
Certificate
The complete raw certificate details for *.patientadvocate.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIID3zCCAsegAwIBAgIQMGIKtwQlN3W485cbIshBiDANBgkqhkiG9w0BAQUFADA8 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U aGF3dGUgU1NMIENBMB4XDTEyMDUyMTAwMDAwMFoXDTE0MDYyMDIzNTk1OVoweDEL MAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRAwDgYDVQQHFAdIYW1wdG9u MSQwIgYDVQQKFBtQYXRpZW50IEFkdm9jYXRlIEZvdW5kYXRpb24xHjAcBgNVBAMU FSoucGF0aWVudGFkdm9jYXRlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBANaOnqpkqqOD+gxxIsSCx5glDcYJC0c407mARBngok3ZoFtFdI+M7vkq lE/aLEiFjWNPCcPaFxmFHAOGevg5aRHuk5KBgPzYj8H4r5cS+CQ7eBiuJNt95gF+ xPjGiVQRoMs+J4uwQq45xpGlTsswkB0iN9P6RfHTJd6BmnqU/xffpUE8IccbkdSz ASpi2dZQ2MXDKGrylvCcgSu7CDOvDvGth4EhUYxUtJTvKWnQLAJcOUmD0/Kl2Cvw GyEysvQRUm5VaacIl/Plcti/mkmY57YIxCNoASyyRNhc+a+mzRenLXpk+cWekh4D Z+VBdIA+i7n3EJFRkk9WgeECqIHsMSECAwEAAaOBoDCBnTAMBgNVHRMBAf8EAjAA MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9zdnItb3YtY3JsLnRoYXd0ZS5jb20v VGhhd3RlT1YuY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAyBggr BgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20w DQYJKoZIhvcNAQEFBQADggEBADutsLLIZM+r0lr55SQlVIbDIqg4ot9HCFYX5Tlr pfjUM5Sq1dSMZOOJJbdLWQRSLgi0aFNndK6hFQa9VrwHFO1stEu7FOjqSHysTvGo KoApeQjiuHQoEG6PUvxaWprWk951oSpzEIz+mzN2XSCtUQ5nfDAbF1VP0gLxXozP oJos7Nfk2O0cGafjrJeRFR9jF+QSrXyx53DYRfGiE5Gw8aoTADrjA812zsyeJAan sJO9kBEcnYfZMRR1yzQaP4RPtkfG9vtEI9CdrXa4SYchSJiQcziUFwmsZ9QMUNo+ pHXss+Ga5TNknbTnNj+e9ZI3NHVFh+D5EYcTHldte64vOqw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o6eqmSqo4P6DHEixILH mCUNxgkLRzjTuYBEGeCiTdmgW0V0j4zu+SqUT9osSIWNY08Jw9oXGYUcA4Z6+Dlp Ee6TkoGA/NiPwfivlxL4JDt4GK4k233mAX7E+MaJVBGgyz4ni7BCrjnGkaVOyzCQ HSI30/pF8dMl3oGaepT/F9+lQTwhxxuR1LMBKmLZ1lDYxcMoavKW8JyBK7sIM68O 8a2HgSFRjFS0lO8padAsAlw5SYPT8qXYK/AbITKy9BFSblVppwiX8+Vy2L+aSZjn tgjEI2gBLLJE2Fz5r6bNF6ctemT5xZ6SHgNn5UF0gD6LufcQkVGST1aB4QKogewx IQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 64312006213945083830420644498766315912 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-05-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-06-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Virginia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Hampton' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Patient Advocate Foundation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.patientadvocate.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27085325701126796489726955034006954095416780863741252780319600957497887849466409956805254247081865221416844367497863265825649179704178525436417284137748327785451512759242305943975227844489432620497602900681667378951830890254832673058873193186438140605955081367672212941954396642272220963058574933173228757782579699377344098170693239593044474013155905413159876546126461544983246749287002073858891131483716337483349111605142815340095282533398498504332452321481622532867737890390422169242290023118562795520820369483328302520419558356958923060966203393038762066432197872838849131599627677023791501161003625970325781229857 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003badb0b2c864cfabd25af9e524255486c322a838a2df47085617e5396ba5f8d43394aad5d48c64e38925b74b5904522e08b468536774aea11506bd56bc0714ed6cb44bbb14e8ea487cac4ef1a82a80297908e2b87428106e8f52fc5a5a9ad693de75a12a73108cfe9b33765d20ad510e677c301b17554fd202f15e8ccfa09a2cecd7e4d8ed1c19a7e3ac9791151f6317e412ad7cb1e770d845f1a21391b0f1aa13003ae303cd76cecc9e2406a7b093bd90111c9d87d9311475cb341a3f844fb647c6f6fb4423d09dad76b84987214898907338941709ac67d40c50da3ea475ecb3e19ae533649db4e7363f9ef5923734754587e0f91187131e576d7bae2f3aac