*.stthomasmountmtc.org
Issued by GTS CA 1P5
About this certificate
This digital certificate with serial number b5:fa:86:dd:45:ed:73:f3:0d:e1:4c:f0:19:6d:31:f1 was issued on by Google Trust Services LLC.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.stthomasmountmtc.org
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): b5:fa:86:dd:45:ed:73:f3:0d:e1:4c:f0:19:6d:31:f1Serial Number (int): 241891076825655813531603101061324026353
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 3e:e1:f6:f9:74:66:af:4a:35:e9:2a:9e:5b:82:2c:7f:83:66:f3:31
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8
Fingerprint (sha1): f9:21:cc:3d:aa:a4:5d:cf:09:97:b5:ba:f8:b7:09:2d:87:84:1f:fd
Fingerprint (sha256): 89:ba:c7:91:d1:0d:0e:62:4e:16:be:3c:36:56:44:95:b4:53:18:92:5e:55:88:6a:ef:2e:e2:8a:b1:fe:b9:8f
Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der
Revocation information
OCSP Server: http://ocsp.pki.goog/s/gts1p5/vMawIEpn08ICRL Distribution Point: http://crls.pki.goog/gts1p5/fXbrD094iyQ.crl
Check the revocation status for certificate *.stthomasmountmtc.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.stthomasmountmtc.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.stthomasmountmtc.org
stthomasmountmtc.org
stthomasmountmtc.org
Other certificates including the domain name stthomasmountmtc.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.stthomasmountmtc.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIRALX6ht1F7XPzDeFM8BltMfEwDQYJKoZIhvcNAQELBQAw RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM TEMxEzARBgNVBAMTCkdUUyBDQSAxUDUwHhcNMjMwOTI3MTA0ODA3WhcNMjMxMjI2 MTA0ODA2WjAhMR8wHQYDVQQDDBYqLnN0dGhvbWFzbW91bnRtdGMub3JnMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt3zBgjscFZ3K1CIVebYsUWYvSny lA9TseAoijwgUPTY3XUgN3RZ8Qp0aikPJ605Kj5GRHqK4eCFOfmk7phG0UY8mRXi y+paaUui0qApFkjxAeu9lVkhaAdDXhVBtzM7PtpwHe59FmvEmO3MXZvyojo0uPVw +iAm2xxF69QT0IjNINzRIg9qQhqtYAhRfZ/cPLz/VUfpkvjv1diGoErjU+Prt2lE eOI/hhG+7LrZCKQ6xrsi2Dm++CeCQK9o14js0CaRHm7fF9WB4MpgPqSY84rr1Io1 eSQ8C06IUiNv03uABy2EmR4r/L77z/riJSyGs79fTsB75X8ycd8aBpnFvwIDAQAB o4IClTCCApEwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFD7h9vl0Zq9KNekqnluCLH+DZvMxMB8GA1Ud IwQYMBaAFNX8ng3fHsrdCJeXbivFX8Ur9ey4MHgGCCsGAQUFBwEBBGwwajA1Bggr BgEFBQcwAYYpaHR0cDovL29jc3AucGtpLmdvb2cvcy9ndHMxcDUvdk1hd0lFcG4w OEkwMQYIKwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFw NS5kZXIwNwYDVR0RBDAwLoIWKi5zdHRob21hc21vdW50bXRjLm9yZ4IUc3R0aG9t YXNtb3VudG10Yy5vcmcwIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIF AzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxcDUv ZlhickQwOTRpeVEuY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAejKMVNi3 LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGK1nfGRgAABAMASDBGAiEAgIFt v8aZsifuCaMl1h0xtrTql+I9p8GsMFZ9UaJ90zACIQCnwt+Jr0XMLfRVnzeuF3Qo hDsTk/h92mrerCmvndsv0gB3AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr 3IKKAAABitZ3xj0AAAQDAEgwRgIhAP3niKRAPsgT6h16IuTja784ZKWol79pJ3QJ 1EtJT7ZrAiEA+dURd/iBcxdFyEvSb0b0gINQIujO2cX2/Gan5LfRD9owDQYJKoZI hvcNAQELBQADggEBAEIBTP4YeAFVofjl504KKLbYtkZ4LlWLDTM1TAHAvGOUUOlt fjXn+wMemFuCCHgVJLO8TrT35Y5Sasgg5UcmJx7YXCcPOvpHYo7baREZjqOQNXO/ Ums46HSGtcwBmoPkvrenNsRcpRkWpC+Ej4OubcMX7yExmkn2XVHFpXWoOVKIoWiA Pk6U3kgv+vjQxMpOVycXAMV7MN1cIeKEn89BiBc7WbbZP1pc8b217u+j+FucFrti 0vTGXo9KD/bIU1BmEC478QkzFV5d3jQmxsrSCoFbtYXFD9K+geXLS5jK2U6Pu6VX Yt+1pJP6sIdhT+liQ6T2NGryx/XhfNA0+zZmd0g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt3zBgjscFZ3K1CIVebY sUWYvSnylA9TseAoijwgUPTY3XUgN3RZ8Qp0aikPJ605Kj5GRHqK4eCFOfmk7phG 0UY8mRXiy+paaUui0qApFkjxAeu9lVkhaAdDXhVBtzM7PtpwHe59FmvEmO3MXZvy ojo0uPVw+iAm2xxF69QT0IjNINzRIg9qQhqtYAhRfZ/cPLz/VUfpkvjv1diGoErj U+Prt2lEeOI/hhG+7LrZCKQ6xrsi2Dm++CeCQK9o14js0CaRHm7fF9WB4MpgPqSY 84rr1Io1eSQ8C06IUiNv03uABy2EmR4r/L77z/riJSyGs79fTsB75X8ycd8aBpnF vwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 241891076825655813531603101061324026353 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-27 10:48:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 10:48:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.stthomasmountmtc.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25609584887472542939761445498180031689340408167715346204759373280017590420037240034989894302832290872856695876330718173561939214748088836322818793492218955254059049699452588487047938675468927132186009530570256786681228123990594945910657346614974347567543327577154231809756658102066105940851787075662208196133435323198715901985762483703467104564387651722900142829654868554837787352024479702045967338409636312952950620692227895059347692770507128104203254419048391963894847758565709943621797186778993705906175128396543770106879713735664971015971319353321595172922788938483187631453289497027835182373749978080343731324351 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3ee1f6f97466af4a35e92a9e5b822c7f8366f331 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/vMawIEpn08I' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stthomasmountmtc.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stthomasmountmtc.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/fXbrD094iyQ.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f20077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ad677c646000004030048304602210080816dbfc699b227ee09a325d61d31b6b4ea97e23da7c1ac30567d51a27dd330022100a7c2df89af45cc2df4559f37ae177428843b1393f87dda6adeac29af9ddb2fd2007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018ad677c63d0000040300483046022100fde788a4403ec813ea1d7a22e4e36bbf3864a5a897bf69277409d44b494fb66b022100f9d51177f881731745c84bd26f46f480835022e8ced9c5f6fc66a7e4b7d10fda . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042014cfe18780155a1f8e5e74e0a28b6d8b646782e558b0d33354c01c0bc639450e96d7e35e7fb031e985b8208781524b3bc4eb4f7e58e526ac820e54726271ed85c270f3afa47628edb6911198ea3903573bf526b38e87486b5cc019a83e4beb7a736c45ca51916a42f848f83ae6dc317ef21319a49f65d51c5a575a8395288a168803e4e94de482ffaf8d0c4ca4e57271700c57b30dd5c21e2849fcf4188173b59b6d93f5a5cf1bdb5eeefa3f85b9c16bb62d2f4c65e8f4a0ff6c8535066102e3bf10933155e5dde3426c6cad20a815bb585c50fd2be81e5cb4b98cad94e8fbba55762dfb5a493fab087614fe96243a4f6346af2c7f5e17cd034fb36667748