gsg.kfh-dialyse.de

Issued by thawte DV SSL CA - G2

About this certificate

This digital certificate with serial number 4d:cc:d0:be:85:34:1a:fe:7e:6e:8f:f1:a2:00:b6:67 was issued on by thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=gsg.kfh-dialyse.de

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4d:cc:d0:be:85:34:1a:fe:7e:6e:8f:f1:a2:00:b6:67
Serial Number (int): 103414018070352562232456470249032693351
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 9f:b8:c1:a9:6c:f2:f5:c0:22:2a:94:ed:5c:99:ac:d4:ec:d7:c6:07

Fingerprint (sha1): 35:50:af:a3:eb:f2:2b:29:64:ce:8b:44:4c:9f:da:f3:15:15:4e:45
Fingerprint (sha256): 76:f6:16:3c:00:d3:77:54:b1:8b:8a:ba:33:e8:36:10:12:fe:d1:72:0c:2f:b1:da:83:13:9c:86:b6:ff:08:6d

Issuing Certificate URL: http://tn.symcb.com/tn.crt

Revocation information

OCSP Server: http://tn.symcd.com
CRL Distribution Point: http://tn.symcb.com/tn.crl

Check the revocation status for certificate gsg.kfh-dialyse.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gsg.kfh-dialyse.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gsg.kfh-dialyse.de

Other certificates including the domain name kfh-dialyse.de

(limited to 100 certificates)
webmail.kfh-dialyse.de
webmail.kfh-dialyse.de
qin.kfh-dialyse.de
mail.kfh-dialyse.de
owa.kfh-dialyse.de
gsg.kfh-dialyse.de
sharepoint.kfh-dialyse.de
gsg.kfh-dialyse.de
gsg.kfh-dialyse.de
mail.kfh-dialyse.de
gsg.kfh-dialyse.de
webmail.kfh-dialyse.de
gsg.kfh-dialyse.de
qin.kfh-dialyse.de
mail.kfh-dialyse.de

Certificate

The complete raw certificate details for gsg.kfh-dialyse.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEgDCCA2igAwIBAgIQTczQvoU0Gv5+bo/xogC2ZzANBgkqhkiG9w0BAQsFADBj
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEeMBwGA1UEAxMVdGhhd3RlIERWIFNTTCBDQSAt
IEcyMB4XDTE1MDYxOTAwMDAwMFoXDTE3MDcxODIzNTk1OVowHTEbMBkGA1UEAxQS
Z3NnLmtmaC1kaWFseXNlLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAveHlDv4zEz+iRyB+87SS5VpZX7Tc5FKwtbUNe0Je5nRl4/MhVSTsev/2H4HJ
RG/SIYMVktLBbebbJ4lofSO08/0653rFQdueG9j677mhUqdZ6g8TP6PZ1ns8tcD7
LU8tMtannceO/8X5sxdZQP0VF6kvbzh3R18G9C7GNegPeUuzytluak5Be9qzrqE0
v8voKlrq27aWJlbBuDwDL4eizbzcICIROtHa0Y1Hb/OknvrGqOd1VphzUXBVi3oN
TZh4cw6iiUjQwHVINet/6qOtmbo6J5Qfxd+c+fbWDeY0Ow56QZOSQgjLG3VS6T0V
jcRfJVp7URMHeh7ws6rizTm6/QIDAQABo4IBdDCCAXAwHQYDVR0RBBYwFIISZ3Nn
LmtmaC1kaWFseXNlLmRlMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0
cDovL3RuLnN5bWNiLmNvbS90bi5jcmwwbgYDVR0gBGcwZTBjBgZngQwBAgEwWTAm
BggrBgEFBQcCARYaaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMwLwYIKwYBBQUH
AgIwIwwhaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5MB8GA1UdIwQY
MBaAFJ+4wals8vXAIiqU7VyZrNTs18YHMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUF
BzABhhNodHRwOi8vdG4uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vdG4u
c3ltY2IuY29tL3RuLmNydDANBgkqhkiG9w0BAQsFAAOCAQEA5sGPlY0MS1pF+Xw6
fA8Ef+gLmJ4VKdqwkCBoMrj2YGp/eoAGZdgU+HAnTlbP/JwYajmD96/QWrgflL/b
0F3RSz3vfb1ameH0vLlTYuYADW4cH5OAfD3QzeP2FWQfeaOlV+2+PAinJ88upe+w
nqmzEmSf9RX3VNCTSaYMChMbDQ4mL69Zi6mVKX3967nBMR16/OSv1LqoO9mo+STv
pOhjBSAP5MQHzBzfLk8ZZltNJPATvf1zhuUhAhvfRjRQBiROUAu8VzFMlbNh3Eoq
mn5hNs+dJlHUZw7oJMGSg+Y+LEDATBf45H5JMP807IpzG7MLCzryHSBS6TxPdM1S
wbo9qg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveHlDv4zEz+iRyB+87SS
5VpZX7Tc5FKwtbUNe0Je5nRl4/MhVSTsev/2H4HJRG/SIYMVktLBbebbJ4lofSO0
8/0653rFQdueG9j677mhUqdZ6g8TP6PZ1ns8tcD7LU8tMtannceO/8X5sxdZQP0V
F6kvbzh3R18G9C7GNegPeUuzytluak5Be9qzrqE0v8voKlrq27aWJlbBuDwDL4ei
zbzcICIROtHa0Y1Hb/OknvrGqOd1VphzUXBVi3oNTZh4cw6iiUjQwHVINet/6qOt
mbo6J5Qfxd+c+fbWDeY0Ow56QZOSQgjLG3VS6T0VjcRfJVp7URMHeh7ws6rizTm6
/QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 103414018070352562232456470249032693351
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte DV SSL CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-06-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-07-18 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'gsg.kfh-dialyse.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23970432496421836627015722194939631514528855887695339254543157404906687120564964436060864631379577272806712198307232838731899716324814885291017610903970975821504996559150396842382149029098862758091305466433229054676000026682370068056565919632825570412235946201503094358125347369245356980223156920832168723831733700054911874204762199519185363134340400482719343653826300403771453487207031188881494505420961632058069852802748833269939267498735682270625546696812801117671323081769353536065854866825711885773319517701532908490421317900838872721872416517518471144487677649531113775781127878596011968345337574710856679799549
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gsg.kfh-dialyse.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcb.com/tn.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9fb8c1a96cf2f5c0222a94ed5c99acd4ecd7c607
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tn.symcb.com/tn.crt'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00e6c18f958d0c4b5a45f97c3a7c0f047fe80b989e1529dab090206832b8f6606a7f7a800665d814f870274e56cffc9c186a3983f7afd05ab81f94bfdbd05dd14b3def7dbd5a99e1f4bcb95362e6000d6e1c1f93807c3dd0cde3f615641f79a3a557edbe3c08a727cf2ea5efb09ea9b312649ff515f754d09349a60c0a131b0d0e262faf598ba995297dfdebb9c1311d7afce4afd4baa83bd9a8f924efa4e86305200fe4c407cc1cdf2e4f19665b4d24f013bdfd7386e521021bdf46345006244e500bbc57314c95b361dc4a2a9a7e6136cf9d2651d4670ee824c19283e63e2c40c04c17f8e47e4930ff34ec8a731bb30b0b3af21d2052e93c4f74cd52c1ba3daa