cms.zu.de

Issued by Thawte DV SSL CA

About this certificate

This digital certificate with serial number 52:f1:db:4c:b0:42:d8:b5:28:99:32:37:c7:0b:32:35 was issued on by Thawte, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Compliant certificates must not encode explicitTest as an IA5String (RFC 6818: 3)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=cms.zu.de

Thawte, Inc.

Organization: Thawte, Inc.
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 52:f1:db:4c:b0:42:d8:b5:28:99:32:37:c7:0b:32:35
Serial Number (int): 110252487120863720042098229569687073333
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: ab:44:e4:5d:ec:83:c7:d9:c0:85:9f:f7:e1:c6:97:90:b0:8c:3f:98

Fingerprint (sha1): 48:cc:21:5e:8c:b9:92:a1:f1:65:00:d7:77:96:8f:a7:0d:c6:be:c9
Fingerprint (sha256): 8a:4f:59:50:8e:d0:20:43:ab:63:4e:63:16:ec:22:01:5b:a5:bf:8a:b0:d4:08:38:25:07:8c:9f:40:aa:ee:41

Issuing Certificate URL: http://tc.symcb.com/tc.crt

Revocation information

OCSP Server: http://tc.symcd.com
CRL Distribution Point: http://tc.symcb.com/tc.crl

Check the revocation status for certificate cms.zu.de

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cms.zu.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cms.zu.de

Other certificates including the domain name zu.de

(limited to 100 certificates)
repro.zu.de
opus4.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
connect.zu.de
ts.zu.de
radsec.zu.de
ezproxy.zu.de
learning.zu.de
helpdesk.zu.de
repos.bsz-bw.de
email.zu.de
email.zu.de
www.zu.de
dms.zu.de
zucoyo.zu.de
cms.zu.de
cms.zu.de
cms.zu.de
repos.bsz-bw.de
app.zu.de
email.zu.de
email.zu.de
email.zu.de
navweb.zu.de
repos.bsz-bw.de
email.zu.de
cards.jonathanmuth.com
svp.zu.de
*.pbx.zu.de
radsec.zu.de
helpdesk.zu.de
guestportal.zu.de
mediathek.zu.de
guestlogin.zu.de
guestportal.zu.de
coyo.zu.de
zu.de
planspiel.zu.de
cms.zu.de
zu.de
repos.bsz-bw.de
opus4.bsz-bw.de
ezproxy.zu.de
zu.de
repro.zu.de
cms.zu.de
repos.bsz-bw.de
m.zu.de
repos.bsz-bw.de
cms.zu.de
systemone.zu.de
opus4.bsz-bw.de
guestportal.zu.de
learning.zu.de
email.zu.de
email.zu.de
zu.de
opus4.bsz-bw.de
finreporting.zu.de
helpdesk.zu.de
learning.zu.de
WEBMAIL.ZU.DE
cms.zu.de
guestportal.zu.de
opus4.bsz-bw.de
systemone.zu.de
adfs.zu.de
cms.zu.de
idp.zu.de
radsec.zu.de
zu.de
zuqpilot.zu.de
www.zu.de
reporting.zu.de
dms.zu.de
connect.zu.de
cntest.zu.de
repos.bsz-bw.de
m.zu.de
opus4.bsz-bw.de
zuqpilot.zu.de
learning.zu.de
repos.bsz-bw.de
dms.zu.de
opus4.bsz-bw.de
systemone.zu.de
m.zu.de
rdweb.zu.de
mediathek.zu.de
radsec.zu.de
www.zu.de
idp.zu.de
zu.de
systemone.zu.de
www.zu.de
opus4.bsz-bw.de
adfs.zu.de
*.pbx.zu.de
ts.zu.de

Certificate

The complete raw certificate details for cms.zu.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEYDCCA0igAwIBAgIQUvHbTLBC2LUomTI3xwsyNTANBgkqhkiG9w0BAQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe
Fw0xNDA1MTIwMDAwMDBaFw0xNjA1MTEyMzU5NTlaMBQxEjAQBgNVBAMMCWNtcy56
dS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJmx8AKw0vlO2XF7
xRttSKda6CI/Fz8+cP8dNbLUzyNJGsEMhYi46Tk3cBrJ3JUC1TgCqSntW98lnDgZ
XeeA68WJGqK7oBfejMVlnkbvUtCP5SnX9EJX6+PfSrWdK2/XfghqsNNsMAXNHDjs
FEkUvn1F6UnzUWA5Ju7MS2OCBBoyTVuK9ukJLW2OOE9loNixOSvIxKU5Tb/XGUQs
LRFzPrithQK/XErPU1ZOFZI6cm1uMPKGoAHLSYRbyLu2QoEajKj4K9Ijmob7UV2U
g2bTthpGT+kDQi48s72arpqkO0Oh8DRim6Y0r4HdGrNilSkk82eByyGniVJN6Gnt
bo36+HkCAwEAAaOCAWIwggFeMBQGA1UdEQQNMAuCCWNtcy56dS5kZTAJBgNVHRME
AjAAMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly90Yy5zeW1jYi5jb20vdGMuY3Js
MGUGA1UdIAReMFwwWgYKYIZIAYb4RQEHNjBMMCMGCCsGAQUFBwIBFhdodHRwczov
L2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZFhdodHRwczovL2Quc3ltY2Iu
Y29tL3JwYTAfBgNVHSMEGDAWgBSrRORd7IPH2cCFn/fhxpeQsIw/mDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUF
BwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3RjLnN5bWNkLmNvbTAmBggrBgEF
BQcwAoYaaHR0cDovL3RjLnN5bWNiLmNvbS90Yy5jcnQwDQYJKoZIhvcNAQEFBQAD
ggEBAFbUQ3a5JLgEMDkAD3bjFF9Imuss0JZE11nkNshuth7hhZuoYhPF8E8olX4K
EL6Sf2kQ2M09CnPd35m+mxK2b5BoSjb6++dkW6l1y+gHv7einxEnfUCrsjYqb0tw
MmC1xvx0lisgVJxQjMLu3S/hZR0YAriMfZNHCtF/uyZ0ndHTufcSLk+Ym1ObPlwV
xsO6UZ/hOmYrKO6BJYMsws3rUUctPPgq4Y77AYSkagKygnCKmCdo5lH93Bn3aofg
RXsHe4Tb0nST2N/ZfqZmmEEqq5Tb9z/QE+tR0UHaWHxckH75tFJtWZiNTTLdylM0
eOXY9onY1sFJWJjugC72Nkcuyi4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbHwArDS+U7ZcXvFG21I
p1roIj8XPz5w/x01stTPI0kawQyFiLjpOTdwGsnclQLVOAKpKe1b3yWcOBld54Dr
xYkaorugF96MxWWeRu9S0I/lKdf0Qlfr499KtZ0rb9d+CGqw02wwBc0cOOwUSRS+
fUXpSfNRYDkm7sxLY4IEGjJNW4r26QktbY44T2Wg2LE5K8jEpTlNv9cZRCwtEXM+
uK2FAr9cSs9TVk4VkjpybW4w8oagActJhFvIu7ZCgRqMqPgr0iOahvtRXZSDZtO2
GkZP6QNCLjyzvZqumqQ7Q6HwNGKbpjSvgd0as2KVKSTzZ4HLIaeJUk3oae1ujfr4
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 110252487120863720042098229569687073333
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte DV SSL CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-05-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-05-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'cms.zu.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19402204931576027354821769965962278018923353746392344541702408940005752558700695567982628894577037284223121188024096426262994546765231977506409762724616450585083753451898072928866219160844637024563874376885375781972791224251694291256769434268446356685879933900648799481793311542437210242716573715765856796698033765159107446056261973519915036284143083745920553976974743976328840897634004415970909933588146234797541087123101702043907964491229204807635996837131757022394533367477328943021456884770257698703381452996255395897356249590516717815066429557884937151511907400364179171152788990867598309455545705445477096028281
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.zu.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tc.symcb.com/tc.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/rpa'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ab44e45dec83c7d9c0859ff7e1c69790b08c3f98
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tc.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tc.symcb.com/tc.crt'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0056d44376b924b8043039000f76e3145f489aeb2cd09644d759e436c86eb61ee1859ba86213c5f04f28957e0a10be927f6910d8cd3d0a73dddf99be9b12b66f90684a36fafbe7645ba975cbe807bfb7a29f11277d40abb2362a6f4b703260b5c6fc74962b20549c508cc2eedd2fe1651d1802b88c7d93470ad17fbb26749dd1d3b9f7122e4f989b539b3e5c15c6c3ba519fe13a662b28ee8125832cc2cdeb51472d3cf82ae18efb0184a46a02b282708a982768e651fddc19f76a87e0457b077b84dbd27493d8dfd97ea66698412aab94dbf73fd013eb51d141da587c5c907ef9b4526d59988d4d32ddca533478e5d8f689d8d6c1495898ee802ef636472eca2e