baetscher.com
Issued by GTS CA 1P5
About this certificate
This digital certificate with serial number 4c:be:59:d0:14:14:02:04:11:a0:2b:73:8a:97:6d:3b was issued on by Google Trust Services LLC.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=baetscher.com
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:be:59:d0:14:14:02:04:11:a0:2b:73:8a:97:6d:3bSerial Number (int): 102009685702901639788369280508647402811
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: c5:d3:02:9a:60:27:84:85:2b:b8:6a:8b:9e:ef:7a:e0:18:5f:7c:b9
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8
Fingerprint (sha1): 28:06:af:b7:4c:6f:f8:f1:0b:aa:4f:e4:5e:37:2b:ce:3f:55:12:85
Fingerprint (sha256): 7d:96:83:9f:7d:39:af:60:c5:30:a1:a2:e8:a0:b5:4d:6d:ee:29:4e:3a:b7:c2:9b:4b:df:f9:ae:34:4e:3e:3f
Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der
Revocation information
OCSP Server: http://ocsp.pki.goog/s/gts1p5/CvclVRu0hF8CRL Distribution Point: http://crls.pki.goog/gts1p5/1eLAQ7_rI1Q.crl
Check the revocation status for certificate baetscher.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for baetscher.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
baetscher.com
*.baetscher.com
*.baetscher.com
Other certificates including the domain name baetscher.com
(limited to 100 certificates)
anacron.organizerweb.com.br
www.baetscher.com
baetscher.com
baetscher.com
isehararenkei.info
dariuszczajka.com
www.baetscher.com
www.baetscher.com
mfpguest.com
gcp.baetscher.com
baetscher.com
software.baetscher.com
baetscher.com
avtovikup-kiev.com
www.jovanpetrov.com
sni.cloudflaressl.com
www.baetscher.com
www.baetscher.com
www.baetscher.com
www.jovanpetrov.com
trivia360.app
www.baetscher.com
bni-romania.ro
sni.cloudflaressl.com
www.baetscher.com
canoe.vysledky-zavodu.cz
baetscher.com
gcp.baetscher.com
www.baetscher.com
www.baetscher.com
baetscher.com
baetscher.com
isehararenkei.info
dariuszczajka.com
www.baetscher.com
www.baetscher.com
mfpguest.com
gcp.baetscher.com
baetscher.com
software.baetscher.com
baetscher.com
avtovikup-kiev.com
www.jovanpetrov.com
sni.cloudflaressl.com
www.baetscher.com
www.baetscher.com
www.baetscher.com
www.jovanpetrov.com
trivia360.app
www.baetscher.com
bni-romania.ro
sni.cloudflaressl.com
www.baetscher.com
canoe.vysledky-zavodu.cz
baetscher.com
gcp.baetscher.com
www.baetscher.com
Certificate
The complete raw certificate details for baetscher.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIQTL5Z0BQUAgQRoCtzipdtOzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFQNTAeFw0yMzEyMjQwODIzMjFaFw0yNDAzMjMw ODIzMjBaMBgxFjAUBgNVBAMTDWJhZXRzY2hlci5jb20wggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDvHKAOsJcU6/B/Q+Z8mR3iOY5wylpQ6Y0lGwPcujoQ r0LuP03SnEh9Bm7XXqEhKunA4a6jn9eH9q64BJebsSUzbcCmm8aa6UkMA2IciuEm 06YjyO2DMZdMfMJCoLHq05fqACain0y3VToD33Y2wqhOMDcGUJ5h6GmEsYHN7WS7 +5eqCqHq4eaRcY+dSnv5RM8dUuH5KsIbuxE7OYhKQT6FHpMH/MKWs+R242O0fxKr Pq1ee1yZ1BWjoNasZhYwdwf5m0M8dv8bEUCYZmiLGa94DXaClt0Xdw0BDCHPZySF CISj1SrGZGW371bbfcaRylPOuLF9zYiC5oMs46D9/xzRAgMBAAGjggKGMIICgjAO BgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQUxdMCmmAnhIUruGqLnu964BhffLkwHwYDVR0jBBgwFoAU1fye Dd8eyt0Il5duK8VfxSv17LgweAYIKwYBBQUHAQEEbDBqMDUGCCsGAQUFBzABhilo dHRwOi8vb2NzcC5wa2kuZ29vZy9zL2d0czFwNS9DdmNsVlJ1MGhGODAxBggrBgEF BQcwAoYlaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzMXA1LmRlcjApBgNV HREEIjAggg1iYWV0c2NoZXIuY29tgg8qLmJhZXRzY2hlci5jb20wIQYDVR0gBBow GDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRw Oi8vY3Jscy5wa2kuZ29vZy9ndHMxcDUvMWVMQVE3X3JJMVEuY3JsMIIBBQYKKwYB BAHWeQIEAgSB9gSB8wDxAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xa OnQAAAGMmyLdLgAABAMARzBFAiArpoP1gWkA0I3eKUNosUnHyrwVaQAIosHfKAfz r4Tw/AIhAIiMWaHFUQi5pdjL+OWieuXqShL8P896sbSBAqQsb7avAHcAouK/1h7e Ly8HoNZObTen3GVDsMa1LqLat4r4mm31F9gAAAGMmyLdEwAABAMASDBGAiEAql5D GTMKNk6ofvfUvjkfH0lhFNHeiXhbFqq2rGipT34CIQDyGDbIkLS489gFUjuIkEj2 Yb0so+r2lOC33NJzYMpfwjANBgkqhkiG9w0BAQsFAAOCAQEADfcQi58Wy1hqD6+J 1yWNSY1qaVgRYhsUtsSqt3X608REGqqyLOI/7zVqC3N1Z0dDLnkdD5HUQzIAcGOC eSwMxaXrnGoIMSxRQkhakZyBJTM1jO+/mfVBxrWxFezcWIxRZQevVQMdfdWzScKM 6kNG32JHf1eHmNaZ6QqPyiy3WOi0PESGQOzp++uvbskbr+4OUy1S90x3JV1JRd/U mWqKmEjfDZjkc0LnbUy1P6/eRueXmvFW5CHfrQLvYp51m87Jbt6Br3LJmCu3Hkol dqFzslBbyK2qZL9D0LKm6GLg/tXRpxinq1coWZ388LlZwH9aNnd/aZkh74IHJFP/ RMPT6Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xygDrCXFOvwf0PmfJkd 4jmOcMpaUOmNJRsD3Lo6EK9C7j9N0pxIfQZu116hISrpwOGuo5/Xh/auuASXm7El M23AppvGmulJDANiHIrhJtOmI8jtgzGXTHzCQqCx6tOX6gAmop9Mt1U6A992NsKo TjA3BlCeYehphLGBze1ku/uXqgqh6uHmkXGPnUp7+UTPHVLh+SrCG7sROzmISkE+ hR6TB/zClrPkduNjtH8Sqz6tXntcmdQVo6DWrGYWMHcH+ZtDPHb/GxFAmGZoixmv eA12gpbdF3cNAQwhz2ckhQiEo9UqxmRlt+9W233GkcpTzrixfc2IguaDLOOg/f8c 0QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 102009685702901639788369280508647402811 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-24 08:23:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-23 08:23:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'baetscher.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30185070511012221286453294062385605249969958900438766917557012263320877364754383598515587672727366640907442177238673704427179772212888211850811032593363234160655949999141281084778289211837609469125975694873836983909196644749198657326187813351751356778574917302609028592343675831804972288008205225188857534790518408241796913984576414621929655609605459282861785084468472512484664898619689957048181067863567543671825490206977536238285768556622310141134375238297985540786692978059710847693836533448496195359168673734705555913824032316663774854608408050908073436830237101978263890002223878407852350371611073543965624966353 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c5d3029a602784852bb86a8b9eef7ae0185f7cb9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/CvclVRu0hF8' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'baetscher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.baetscher.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/1eLAQ7_rI1Q.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c9b22dd2e000004030047304502202ba683f5816900d08dde294368b149c7cabc15690008a2c1df2807f3af84f0fc022100888c59a1c55108b9a5d8cbf8e5a27ae5ea4a12fc3fcf7ab1b48102a42c6fb6af007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c9b22dd130000040300483046022100aa5e4319330a364ea87ef7d4be391f1f496114d1de89785b16aab6ac68a94f7e022100f21836c890b4b8f3d805523b889048f661bd2ca3eaf694e0b7dcd27360ca5fc2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000df7108b9f16cb586a0faf89d7258d498d6a695811621b14b6c4aab775fad3c4441aaab22ce23fef356a0b73756747432e791d0f91d4433200706382792c0cc5a5eb9c6a08312c5142485a919c812533358cefbf99f541c6b5b115ecdc588c516507af55031d7dd5b349c28cea4346df62477f578798d699e90a8fca2cb758e8b43c448640ece9fbebaf6ec91bafee0e532d52f74c77255d4945dfd4996a8a9848df0d98e47342e76d4cb53fafde46e7979af156e421dfad02ef629e759bcec96ede81af72c9982bb71e4a2576a173b2505bc8adaa64bf43d0b2a6e862e0fed5d1a718a7ab5728599dfcf0b959c07f5a36777f699921ef82072453ff44c3d3e9