*.heel.de
- Biologische Heilmittel Heel GmbH -
Issued by Thawte SSL CA
About this certificate
This digital certificate with serial number 62:22:dd:72:39:b5:ed:c6:5f:8a:d0:cf:cf:26:17:94 was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- CAs must include keyIdentifer field of AKI in all non-self-issued certificates (RFC 5280: 4.2.1.1)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Biologische Heilmittel Heel GmbH
Organization:
Biologische Heilmittel Heel GmbH
Organization unit: IT
Organization unit: IT
State / Province:
Baden-Wuerttemberg
Locality: Baden-Baden
Country: DE
Locality: Baden-Baden
Country: DE
Thawte, Inc.
Organization:
Thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 62:22:dd:72:39:b5:ed:c6:5f:8a:d0:cf:cf:26:17:94Serial Number (int): 130445373142505457322604534858894415764
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId:
Fingerprint (sha1): 04:e6:8e:48:a7:1a:8b:98:66:df:47:71:4b:e9:6a:61:eb:9d:1c:c6
Fingerprint (sha256): 88:ef:f9:f8:66:f9:c9:6c:40:75:56:f5:aa:25:61:a9:75:7a:a3:ce:80:b3:99:d7:af:3c:05:83:5b:c4:4d:f6
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl
Check the revocation status for certificate *.heel.de
0
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.heel.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Extended Key Usages
Server Authentication
Client Authentication
Extensions
4 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
This certificate doesn't contain any subject alternative names.
Other certificates including the domain name heel.de
(limited to 100 certificates)
lauf.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
lauf.heel.de
lauf.heel.de
lauf.heel.de
heel.de
karriere.heel.de
karriere.heel.de
heel.com
heel.de
heel.de
www.heel.de
heel.de
karriere.heel.de
heel.de
heel.de
heel.de
karriere.heel.de
heel.de
lauf.heel.de
secured.heel.de
heel.com
heel.de
heel.de
secured.heel.de
heel.de
secured.heel.de
www.heel.de
karriere.heel.de
*.heel.de
secured.heel.de
secured.heel.de
karriere.heel.de
heel.de
secured.heel.de
heel.de
lsac.heel.com
lauf.heel.de
karriere.heel.de
heel.com
lauf.heel.de
*.heel.de
karriere.heel.de
heel.de
heel.de
lauf.heel.de
heel.de
secured.heel.de
heel.de
karriere.heel.de
lauf.heel.de
karriere.heel.de
*.heel.de
Certificate
The complete raw certificate details for *.heel.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIID9DCCAtygAwIBAgIQYiLdcjm17cZfitDPzyYXlDANBgkqhkiG9w0BAQUFADA8 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U aGF3dGUgU1NMIENBMB4XDTEyMDMyMzAwMDAwMFoXDTE0MDMyMzIzNTk1OVowgYwx CzAJBgNVBAYTAkRFMRswGQYDVQQIExJCYWRlbi1XdWVydHRlbWJlcmcxFDASBgNV BAcUC0JhZGVuLUJhZGVuMSkwJwYDVQQKFCBCaW9sb2dpc2NoZSBIZWlsbWl0dGVs IEhlZWwgR21iSDELMAkGA1UECxQCSVQxEjAQBgNVBAMUCSouaGVlbC5kZTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDWatydh9uxetzS/nBbaUjNHiQr BNTGYxUeDoUwVXRk1yjyPyG/q5kqSTfbkVSuxULGFE79tAAOBuqOIjoSkrpF9ehQ arnCmWV6iEJoQPJgXMxqxSi1+6GBssY3wqZLyETpT8B4xAjjxJ3q5SXmPIIjtGsD 527uBXsRi1NcDZ/1CXTszKuA5NFJxqfkCAjs0ZWFRFaP0sXD0k1ZwCv0oOn7he1N uPoOYTS6gyRDkF7uBemvj29B7OptQfAPso+1OfUCRGfIk5hszlZQwOSwfz8H+9I6 mnqtHzmqURSYAy2OfNKmVzRkp+v0ygXFn17lzlAzZgmFrs8Zt8ba5RE7+S0CAwEA AaOBoDCBnTAMBgNVHRMBAf8EAjAAMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9z dnItb3YtY3JsLnRoYXd0ZS5jb20vVGhhd3RlT1YuY3JsMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0 dHA6Ly9vY3NwLnRoYXd0ZS5jb20wDQYJKoZIhvcNAQEFBQADggEBADPipCnUW5te cuTrlDnd4QYN0N4UR8N9j+RojD7Y3TJwAEmtuOeV/VM4VK8hQdzPcnF7AmXdpETD 5Ypmq3dLGDJlgm96hF5hXQomy3LoV7YcdF4Ch2psuZoMWt/ZHVddbP2bH+5u/Lue TI9v30Ojfyz4eHtuJ2FaYA9OFy0D6WmVtNBXR3LUFTHA46COyXqSmYufA7Wi1Has mT7/BJs3vxbHX1sNocJQn+zc3n0sW/HzE7kRJGiuTchr0SGzHa2wCdhk6p8WgpO0 wiizBTa1hD/y28XmIEv8Fx6T3EzzhgPHoE9kB5G7+7i1jTtIRU6GQ5YwAu+XHSkz yMQVtl7NqAk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNZq3J2H27F63NL+cFtp SM0eJCsE1MZjFR4OhTBVdGTXKPI/Ib+rmSpJN9uRVK7FQsYUTv20AA4G6o4iOhKS ukX16FBqucKZZXqIQmhA8mBczGrFKLX7oYGyxjfCpkvIROlPwHjECOPEnerlJeY8 giO0awPnbu4FexGLU1wNn/UJdOzMq4Dk0UnGp+QICOzRlYVEVo/SxcPSTVnAK/Sg 6fuF7U24+g5hNLqDJEOQXu4F6a+Pb0Hs6m1B8A+yj7U59QJEZ8iTmGzOVlDA5LB/ Pwf70jqaeq0fOapRFJgDLY580qZXNGSn6/TKBcWfXuXOUDNmCYWuzxm3xtrlETv5 LQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 130445373142505457322604534858894415764 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-03-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-03-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baden-Wuerttemberg' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Baden-Baden' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Biologische Heilmittel Heel GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.heel.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24343487728365347661983141217637529023822327887395876731987159336244051958778454403286796959189948373898753622846751588665618803738206181611286708571484873589409334724496672965720449252650000145542512784937179115731949320678352356624332493624832134333556885744344299664831581597971104404521331566847286626001424878839124865234696517432481655198604093323286952419941715308274928317966869190355558044859683253698814304140156242472131872249138102895290471171260068812249772451643482001100261282875225105213282024381068758618201709327400188211194291952074728408029592205479785134165871766034056054831737117262877705369901 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0033e2a429d45b9b5e72e4eb9439dde1060dd0de1447c37d8fe4688c3ed8dd32700049adb8e795fd533854af2141dccf72717b0265dda444c3e58a66ab774b183265826f7a845e615d0a26cb72e857b61c745e02876a6cb99a0c5adfd91d575d6cfd9b1fee6efcbb9e4c8f6fdf43a37f2cf8787b6e27615a600f4e172d03e96995b4d0574772d41531c0e3a08ec97a92998b9f03b5a2d476ac993eff049b37bf16c75f5b0da1c2509fecdcde7d2c5bf1f313b9112468ae4dc86bd121b31dadb009d864ea9f168293b4c228b30536b5843ff2dbc5e6204bfc171e93dc4cf38603c7a04f640791bbfbb8b58d3b48454e8643963002ef971d2933c8c415b65ecda809