gsg.kfh-dialyse.de
Issued by thawte DV SSL CA - G2
About this certificate
This digital certificate with serial number 4d:cc:d0:be:85:34:1a:fe:7e:6e:8f:f1:a2:00:b6:67 was issued on by thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=gsg.kfh-dialyse.de
thawte, Inc.
Organization:
thawte, Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4d:cc:d0:be:85:34:1a:fe:7e:6e:8f:f1:a2:00:b6:67Serial Number (int): 103414018070352562232456470249032693351
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 9f:b8:c1:a9:6c:f2:f5:c0:22:2a:94:ed:5c:99:ac:d4:ec:d7:c6:07
Fingerprint (sha1): 35:50:af:a3:eb:f2:2b:29:64:ce:8b:44:4c:9f:da:f3:15:15:4e:45
Fingerprint (sha256): 76:f6:16:3c:00:d3:77:54:b1:8b:8a:ba:33:e8:36:10:12:fe:d1:72:0c:2f:b1:da:83:13:9c:86:b6:ff:08:6d
Issuing Certificate URL: http://tn.symcb.com/tn.crt
Revocation information
OCSP Server: http://tn.symcd.comCRL Distribution Point: http://tn.symcb.com/tn.crl
Check the revocation status for certificate gsg.kfh-dialyse.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gsg.kfh-dialyse.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gsg.kfh-dialyse.de
Other certificates including the domain name kfh-dialyse.de
(limited to 100 certificates)
webmail.kfh-dialyse.de
webmail.kfh-dialyse.de
qin.kfh-dialyse.de
mail.kfh-dialyse.de
owa.kfh-dialyse.de
gsg.kfh-dialyse.de
sharepoint.kfh-dialyse.de
gsg.kfh-dialyse.de
gsg.kfh-dialyse.de
mail.kfh-dialyse.de
gsg.kfh-dialyse.de
webmail.kfh-dialyse.de
gsg.kfh-dialyse.de
qin.kfh-dialyse.de
mail.kfh-dialyse.de
webmail.kfh-dialyse.de
qin.kfh-dialyse.de
mail.kfh-dialyse.de
owa.kfh-dialyse.de
gsg.kfh-dialyse.de
sharepoint.kfh-dialyse.de
gsg.kfh-dialyse.de
gsg.kfh-dialyse.de
mail.kfh-dialyse.de
gsg.kfh-dialyse.de
webmail.kfh-dialyse.de
gsg.kfh-dialyse.de
qin.kfh-dialyse.de
mail.kfh-dialyse.de
Certificate
The complete raw certificate details for gsg.kfh-dialyse.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEgDCCA2igAwIBAgIQTczQvoU0Gv5+bo/xogC2ZzANBgkqhkiG9w0BAQsFADBj MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE b21haW4gVmFsaWRhdGVkIFNTTDEeMBwGA1UEAxMVdGhhd3RlIERWIFNTTCBDQSAt IEcyMB4XDTE1MDYxOTAwMDAwMFoXDTE3MDcxODIzNTk1OVowHTEbMBkGA1UEAxQS Z3NnLmtmaC1kaWFseXNlLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAveHlDv4zEz+iRyB+87SS5VpZX7Tc5FKwtbUNe0Je5nRl4/MhVSTsev/2H4HJ RG/SIYMVktLBbebbJ4lofSO08/0653rFQdueG9j677mhUqdZ6g8TP6PZ1ns8tcD7 LU8tMtannceO/8X5sxdZQP0VF6kvbzh3R18G9C7GNegPeUuzytluak5Be9qzrqE0 v8voKlrq27aWJlbBuDwDL4eizbzcICIROtHa0Y1Hb/OknvrGqOd1VphzUXBVi3oN TZh4cw6iiUjQwHVINet/6qOtmbo6J5Qfxd+c+fbWDeY0Ow56QZOSQgjLG3VS6T0V jcRfJVp7URMHeh7ws6rizTm6/QIDAQABo4IBdDCCAXAwHQYDVR0RBBYwFIISZ3Nn LmtmaC1kaWFseXNlLmRlMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0 cDovL3RuLnN5bWNiLmNvbS90bi5jcmwwbgYDVR0gBGcwZTBjBgZngQwBAgEwWTAm BggrBgEFBQcCARYaaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMwLwYIKwYBBQUH AgIwIwwhaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5MB8GA1UdIwQY MBaAFJ+4wals8vXAIiqU7VyZrNTs18YHMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUF BzABhhNodHRwOi8vdG4uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdG4u c3ltY2IuY29tL3RuLmNydDANBgkqhkiG9w0BAQsFAAOCAQEA5sGPlY0MS1pF+Xw6 fA8Ef+gLmJ4VKdqwkCBoMrj2YGp/eoAGZdgU+HAnTlbP/JwYajmD96/QWrgflL/b 0F3RSz3vfb1ameH0vLlTYuYADW4cH5OAfD3QzeP2FWQfeaOlV+2+PAinJ88upe+w nqmzEmSf9RX3VNCTSaYMChMbDQ4mL69Zi6mVKX3967nBMR16/OSv1LqoO9mo+STv pOhjBSAP5MQHzBzfLk8ZZltNJPATvf1zhuUhAhvfRjRQBiROUAu8VzFMlbNh3Eoq mn5hNs+dJlHUZw7oJMGSg+Y+LEDATBf45H5JMP807IpzG7MLCzryHSBS6TxPdM1S wbo9qg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveHlDv4zEz+iRyB+87SS 5VpZX7Tc5FKwtbUNe0Je5nRl4/MhVSTsev/2H4HJRG/SIYMVktLBbebbJ4lofSO0 8/0653rFQdueG9j677mhUqdZ6g8TP6PZ1ns8tcD7LU8tMtannceO/8X5sxdZQP0V F6kvbzh3R18G9C7GNegPeUuzytluak5Be9qzrqE0v8voKlrq27aWJlbBuDwDL4ei zbzcICIROtHa0Y1Hb/OknvrGqOd1VphzUXBVi3oNTZh4cw6iiUjQwHVINet/6qOt mbo6J5Qfxd+c+fbWDeY0Ow56QZOSQgjLG3VS6T0VjcRfJVp7URMHeh7ws6rizTm6 /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 103414018070352562232456470249032693351 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte DV SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-06-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'gsg.kfh-dialyse.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23970432496421836627015722194939631514528855887695339254543157404906687120564964436060864631379577272806712198307232838731899716324814885291017610903970975821504996559150396842382149029098862758091305466433229054676000026682370068056565919632825570412235946201503094358125347369245356980223156920832168723831733700054911874204762199519185363134340400482719343653826300403771453487207031188881494505420961632058069852802748833269939267498735682270625546696812801117671323081769353536065854866825711885773319517701532908490421317900838872721872416517518471144487677649531113775781127878596011968345337574710856679799549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gsg.kfh-dialyse.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcb.com/tn.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9fb8c1a96cf2f5c0222a94ed5c99acd4ecd7c607 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcb.com/tn.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00e6c18f958d0c4b5a45f97c3a7c0f047fe80b989e1529dab090206832b8f6606a7f7a800665d814f870274e56cffc9c186a3983f7afd05ab81f94bfdbd05dd14b3def7dbd5a99e1f4bcb95362e6000d6e1c1f93807c3dd0cde3f615641f79a3a557edbe3c08a727cf2ea5efb09ea9b312649ff515f754d09349a60c0a131b0d0e262faf598ba995297dfdebb9c1311d7afce4afd4baa83bd9a8f924efa4e86305200fe4c407cc1cdf2e4f19665b4d24f013bdfd7386e521021bdf46345006244e500bbc57314c95b361dc4a2a9a7e6136cf9d2651d4670ee824c19283e63e2c40c04c17f8e47e4930ff34ec8a731bb30b0b3af21d2052e93c4f74cd52c1ba3daa