franny-web.ch
Issued by Symantec Basic DV SSL CA - G2
About this certificate
This digital certificate with serial number 02:d8:fc:8e:12:1a:f2:c3:a8:00:18:37:7e:7a:52:1a was issued on by Symantec Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=franny-web.ch
Symantec Corporation
Organization:
Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 02:d8:fc:8e:12:1a:f2:c3:a8:00:18:37:7e:7a:52:1aSerial Number (int): 3785114536235860430056817166326059546
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ca:ac:5d:e1:90:2f:f1:ef:8c:d4:9f:35:01:e1:01:3b:a0:ce:c1:77
Fingerprint (sha1): 2d:96:dc:f8:df:a1:1b:02:1f:61:12:bb:a8:83:49:73:ab:46:14:58
Fingerprint (sha256): 8d:ae:df:cd:cd:80:45:46:5a:67:dd:08:f2:84:2b:1c:ab:61:6d:5d:96:6b:f2:da:ac:12:88:34:2c:d9:d2:fa
Issuing Certificate URL: http://hd.symcb.com/hd.crt
Revocation information
OCSP Server: http://hd.symcd.comCheck the revocation status for certificate franny-web.ch
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for franny-web.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
franny-web.ch
www.franny-web.ch
www.franny-web.ch
Other certificates including the domain name franny-web.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for franny-web.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgIQAtj8jhIa8sOoABg3fnpSGjANBgkqhkiG9w0BAQsFADCB lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4g VmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENB IC0gRzIwHhcNMTcxMTA4MDAwMDAwWhcNMTgxMTA1MjM1OTU5WjAYMRYwFAYDVQQD DA1mcmFubnktd2ViLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA zuLuciiT8q8lOwYsthRPvrgODmXqWlRuiMbF3sj2lQtpzz3mSj+kksA6spcaqUgs vfunSmIXIIhyaYJqYZwwjT4437fIltzThO/6BZE3Z0ll9ZPUMxIpg/6uqIcreJoz cZJD4wDa1RcouUU5RW7Kji5uhhMow/Dcnvv2kfK0d9m40V3B5roMAapKdJwQwLcv c8fNf7tMsZUbMFg2V8myDwPVcALPX198BKht50O1JDOXMywcqmvKg27UyMmFgB+6 Mk8d2F3GRe/FBPGrqSDcMKng1xVp/AB+0EF0c7HQ6ffdkJsggL2iBNcSQ2EU0F69 KG6mgfpV5nD1Uu+VqByc8QIDAQABo4ICUDCCAkwwKwYDVR0RBCQwIoINZnJhbm55 LXdlYi5jaIIRd3d3LmZyYW5ueS13ZWIuY2gwCQYDVR0TBAIwADBhBgNVHSAEWjBY MFYGBmeBDAECATBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2Nw czAlBggrBgEFBQcCAjAZDBdodHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSME GDAWgBTKrF3hkC/x74zUnzUB4QE7oM7BdzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEF BQcwAYYTaHR0cDovL2hkLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL2hk LnN5bWNiLmNvbS9oZC5jcnQwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDd6x0r eg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAV+bDNttAAAEAwBHMEUCIQDG CvNEmr3qYwJ75XXd179kbTMC1AESwu0VocAh+scIJQIgS8QFslUhe7j+nllEk9lk 6PPazP575subnYTNWHrj9dAAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80O yA3cEAAAAV+bDNujAAAEAwBHMEUCIQDoRngh7ZZsRbv93IC6JzKqGj9jnvPtvpaC k1gecEP6KgIgTO3w/MwoC5s/tN02l9GY2zCNdpjjpqMi2FK/mctAuLYwDQYJKoZI hvcNAQELBQADggEBAJCCT2a3PXNP+M5WpBDwxvTQK++xKVn8sbnA3W1zA+DyS9P+ +/2ID7KeDmThk8ZP1bwvpEXwxQJqOEUz2IW2blIgRbNG1xvHOvaYwtuNEOAHi3xL jM6yGsXqndu+MGbU0YkSuUyN1RieRqocWOHichZ0WM/wOuY1OnCBGd6TMcccQeLI BZfFfU0Dw0/U61MiX0QDPXJ9PsMv0FSnYwtwMsg5S+aYUQRS7u5JBaws4APplSYx Mf2h5sHG3AR1nrNPqfOvt5V0a0AtAAz6YNJDClwEuE3P7rCQpMuDnUZpCcfxPz8v 2bC8Gfm9piDsuEIJYmQNYKtfsULiRcQDNN4CHQk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuLuciiT8q8lOwYsthRP vrgODmXqWlRuiMbF3sj2lQtpzz3mSj+kksA6spcaqUgsvfunSmIXIIhyaYJqYZww jT4437fIltzThO/6BZE3Z0ll9ZPUMxIpg/6uqIcreJozcZJD4wDa1RcouUU5RW7K ji5uhhMow/Dcnvv2kfK0d9m40V3B5roMAapKdJwQwLcvc8fNf7tMsZUbMFg2V8my DwPVcALPX198BKht50O1JDOXMywcqmvKg27UyMmFgB+6Mk8d2F3GRe/FBPGrqSDc MKng1xVp/AB+0EF0c7HQ6ffdkJsggL2iBNcSQ2EU0F69KG6mgfpV5nD1Uu+VqByc 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 3785114536235860430056817166326059546 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Basic DV SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'franny-web.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26116994881576746150709588131594161581588797638458290809413470394974453532149310400956510450053731104183024722410831261119542666428917259756078034803550193917222862497587112178961728844473739414649966103116434394254321338372801334965489006126438427439485614507520711768692592331684213790518099104684642977573423534341632775551528732075415206850959501833715907636420529231331343850517920058109651409193705330204559382737306780931235641764914730360936364563332670260426775189463508918287954335307473424707727325468361844456745146561271359820722157338558106097370471441729348998839878034213322804800953386027464865389809 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'franny-web.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.franny-web.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName caac5de1902ff1ef8cd49f3501e1013ba0cec177 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcb.com/hd.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015f9b0cdb6d0000040300473045022100c60af3449abdea63027be575ddd7bf646d3302d40112c2ed15a1c021fac7082502204bc405b255217bb8fe9e594493d964e8f3daccfe7be6cb9b9d84cd587ae3f5d0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015f9b0cdba30000040300473045022100e8467821ed966c45bbfddc80ba2732aa1a3f639ef3edbe968293581e7043fa2a02204cedf0fccc280b9b3fb4dd3697d198db308d7698e3a6a322d852bf99cb40b8b6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0090824f66b73d734ff8ce56a410f0c6f4d02befb12959fcb1b9c0dd6d7303e0f24bd3fefbfd880fb29e0e64e193c64fd5bc2fa445f0c5026a384533d885b66e522045b346d71bc73af698c2db8d10e0078b7c4b8cceb21ac5ea9ddbbe3066d4d18912b94c8dd5189e46aa1c58e1e272167458cff03ae6353a708119de9331c71c41e2c80597c57d4d03c34fd4eb53225f44033d727d3ec32fd054a7630b7032c8394be698510452eeee4905ac2ce003e995263131fda1e6c1c6dc04759eb34fa9f3afb795746b402d000cfa60d2430a5c04b84dcfeeb090a4cb839d466909c7f13f3f2fd9b0bc19f9bda620ecb8420962640d60ab5fb142e245c40334de021d09