*.retriever.co.ke
- Cartrack PTY (Ltd) -
Issued by GeoTrust SSL CA - G2
About this certificate
This digital certificate with serial number 35:0f:17:60:bb:d7:58:96:4e:4f:11:21:00:8a:45:f3 was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Cartrack PTY (Ltd)
Organization:
Cartrack PTY (Ltd)
Organization unit: IT Department
Organization unit: IT Department
State / Province:
Gauteng
Locality: Johannesburg
Country: ZA
Locality: Johannesburg
Country: ZA
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 35:0f:17:60:bb:d7:58:96:4e:4f:11:21:00:8a:45:f3Serial Number (int): 70527442388937083264839415807661983219
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 11:4a:d0:73:39:d5:5b:69:08:5c:ba:3d:bf:64:9a:a8:8b:1c:55:bc
Fingerprint (sha1): b7:e0:e1:f6:fa:ca:38:a5:01:e6:eb:b7:8e:ed:76:8b:e3:2a:68:ca
Fingerprint (sha256): 72:9e:b3:4c:66:79:71:f3:4b:40:95:06:fc:55:d8:91:a9:dc:05:8c:fb:ba:be:0a:1f:e3:d3:bd:48:d6:20:bb
Issuing Certificate URL: http://gb.symcb.com/gb.crt
Revocation information
OCSP Server: http://gb.symcd.comCRL Distribution Point: http://gb.symcb.com/gb.crl
Check the revocation status for certificate *.retriever.co.ke
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.retriever.co.ke
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.retriever.co.ke
retriever.co.ke
retriever.co.ke
Other certificates including the domain name retriever.co.ke
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.retriever.co.ke in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIQNQ8XYLvXWJZOTxEhAIpF8zANBgkqhkiG9w0BAQUFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzIwHhcNMTQxMjEwMDAwMDAwWhcNMTcxMjA5MjM1 OTU5WjCBiDELMAkGA1UEBhMCWkExEDAOBgNVBAgTB0dhdXRlbmcxFTATBgNVBAcU DEpvaGFubmVzYnVyZzEcMBoGA1UEChQTQ2FydHJhY2sgIFBUWSAoTHRkKTEWMBQG A1UECxQNSVQgRGVwYXJ0bWVudDEaMBgGA1UEAxQRKi5yZXRyaWV2ZXIuY28ua2Uw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz0QF9yWJloMSJ20heRjdc D9w3NdC3ZMen3qd9mur/qD0581wpyB/5nFeKBC8XUrcuShrDljqRYO7oA2iEkYNp CWy2MWHaBbEEDn1xpx5QgSKwKPPaW8XjFuD787TG2ZGcGE3S+kEjNGu0aGWVbydH u+uxlwDWSwBloZoyRsiE2F+oqJ7v/lrOugcmOwSb2qiqBNYrlWmtPJkhGQHqUTgf LuCy/fxEMh+ERCAISfq5UNVOFE58THsP5chmuH8996ORhS0wXlu8PfOLbxCtkTTr soJxe6pd28pr5UoX4lgOpWle8v4BNkjHr37HQKrYKu7/azab8T8uCLYCXS7dxmrd AgMBAAGjggG4MIIBtDAtBgNVHREEJjAkghEqLnJldHJpZXZlci5jby5rZYIPcmV0 cmlldmVyLmNvLmtlMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQk MCIwIKAeoByGGmh0dHA6Ly9nYi5zeW1jYi5jb20vZ2IuY3JsMIGhBgNVHSAEgZkw gZYwgZMGCmCGSAGG+EUBBzYwgYQwPwYIKwYBBQUHAgEWM2h0dHBzOi8vd3d3Lmdl b3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdhbDBBBggrBgEFBQcC AjA1DDNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRv cnkvbGVnYWwwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQY MBaAFBFK0HM51VtpCFy6Pb9kmqiLHFW8MFcGCCsGAQUFBwEBBEswSTAfBggrBgEF BQcwAYYTaHR0cDovL2diLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL2di LnN5bWNiLmNvbS9nYi5jcnQwDQYJKoZIhvcNAQEFBQADggEBAFi3O6TtkqeDsvct WaXrPHZQpPKo+wBuXVukAx4yuTct2kpWTFfXG+l070XFN7W7klzSOExKJhPrEfZa KspxpBdJ54ZiZflsy+Xh9nK28zxRFOML3yFMtPpDas7Axo1V41zKWwQjmY4pHjGk RhgzxP9np2+OxeAuIGfkON7s3dgZeGOBE7qpnjAK82MMJkWRDqINH2kypXNjDfDN DXSU5uwWNCnI8QtT0PK25sQoD/mon72aTKYXKS3B7wwFyFR7BV09L9VEj3gxgToq ei4ZDeptLj3aXmUcQC7IZDUuWpxuwRLnLDgQfolZPpL7Au1FGFq6RoVuyYd9yDcf 0Zo6Ifk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9EBfcliZaDEidtIXkY3 XA/cNzXQt2THp96nfZrq/6g9OfNcKcgf+ZxXigQvF1K3Lkoaw5Y6kWDu6ANohJGD aQlstjFh2gWxBA59caceUIEisCjz2lvF4xbg+/O0xtmRnBhN0vpBIzRrtGhllW8n R7vrsZcA1ksAZaGaMkbIhNhfqKie7/5azroHJjsEm9qoqgTWK5VprTyZIRkB6lE4 Hy7gsv38RDIfhEQgCEn6uVDVThROfEx7D+XIZrh/PfejkYUtMF5bvD3zi28QrZE0 67KCcXuqXdvKa+VKF+JYDqVpXvL+ATZIx69+x0Cq2Cru/2s2m/E/Lgi2Al0u3cZq 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 70527442388937083264839415807661983219 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-12-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gauteng' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Johannesburg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Cartrack PTY (Ltd)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'IT Department' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.retriever.co.ke' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22699721202799640901848165203716254971212150885008622063511586456802594666103548739813094320181749003308522994572746243906379731719629481637019390937052893762222121201076879087805461224457623664224146694540340225366829123936294107325303411241533407952904483823759230274897406421538080811660883423089878449305291506401015547684633387408944105821450483264208735846334721246826158770179678113698095709741881326433969825397306017934793165188172594894767619348746431481302612997581125719253913484235648933922253099627960744908592531689751203793403630595919699413563464013116845549486966387848297307821416144516065981262557 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.retriever.co.ke' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retriever.co.ke' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gb.symcb.com/gb.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (153 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 114ad07339d55b69085cba3dbf649aa88b1c55bc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gb.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gb.symcb.com/gb.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0058b73ba4ed92a783b2f72d59a5eb3c7650a4f2a8fb006e5d5ba4031e32b9372dda4a564c57d71be974ef45c537b5bb925cd2384c4a2613eb11f65a2aca71a41749e7866265f96ccbe5e1f672b6f33c5114e30bdf214cb4fa436acec0c68d55e35cca5b0423998e291e31a4461833c4ff67a76f8ec5e02e2067e438deecddd81978638113baa99e300af3630c2645910ea20d1f6932a573630df0cd0d7494e6ec163429c8f10b53d0f2b6e6c4280ff9a89fbd9a4ca617292dc1ef0c05c8547b055d3d2fd5448f7831813a2a7a2e190dea6d2e3dda5e651c402ec864352e5a9c6ec112e72c38107e89593e92fb02ed45185aba46856ec9877dc8371fd19a3a21f9