www.sdkaartshop.nl
Issued by Intermediate Certificate DV SSL CA - G2
About this certificate
This digital certificate with serial number 35:8d was issued on by Intermediate Certificate.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.sdkaartshop.nl
Intermediate Certificate
Organization:
Intermediate Certificate
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 35:8dSerial Number (int): 13709
Serial Number lenght: 14 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: 63:1c:a8:a7:b1:93:35:8f:16:76:9e:e5:fa:5f:c8:e6:ad:bf:2f:b9
Fingerprint (sha1): 52:85:6b:cf:5f:24:06:a3:91:38:13:a3:6a:1a:00:ba:ea:e5:26:f3
Fingerprint (sha256): 90:d8:49:57:5f:22:f1:15:f4:00:05:95:29:62:e2:6b:71:af:97:22:b1:04:69:23:82:96:e0:91:a5:2b:d7:a5
Issuing Certificate URL: http://ica-aia.digitalcertvalidation.com/icag2.crt
Revocation information
OCSP Server: http://ica-ocsp.digitalcertvalidation.comCRL Distribution Point: http://ica-crl.digitalcertvalidation.com/crls/icag2.crl
Check the revocation status for certificate www.sdkaartshop.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.sdkaartshop.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.sdkaartshop.nl
sdkaartshop.nl
sdkaartshop.nl
Other certificates including the domain name sdkaartshop.nl
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.sdkaartshop.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICNY0wDQYJKoZIhvcNAQELBQAwgYExCzAJBgNVBAYTAk5M MSEwHwYDVQQKExhJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUxHTAbBgNVBAsTFERv bWFpbiBWYWxpZGF0ZWQgU1NMMTAwLgYDVQQDEydJbnRlcm1lZGlhdGUgQ2VydGlm aWNhdGUgRFYgU1NMIENBIC0gRzIwHhcNMTUxMjExMDUzMjM2WhcNMTYwODEzMTc0 MDAzWjAdMRswGQYDVQQDExJ3d3cuc2RrYWFydHNob3AubmwwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC+cNIgLP4YXVPrA4xewAHdpOdLEjOj5mqHrnDo jxCB+kQaoPogYSeZcr8Uqf25I9B/t+1nDfp8RajF5ZQW4Qq1Cuf3Vy7Hy7k/+TMk sbzu578yk7qR3Vqu9aD3giKRd74IgQJ/CzVfiXmr3yQBvs49HgxfdbSJ0XtQaGLn MKSUrLxbzN31fVBRlsP5eLzjT7/KXC3sLSMpU7xTBeHAQ61WPmy9AqJrIj8iEXlz Ll7x67MwdU/RBSavGL2aoP5GtYb90pkvuuWOnn+X5PRBNrTa13esMRoQoaEj8lJW Hv/+F9quSPYhJGBuH8VJGit7ZcTwuK7mtamtloxi2R06ZIepAgMBAAGjggG7MIIB tzAfBgNVHSMEGDAWgBRjHKinsZM1jxZ2nuX6X8jmrb8vuTCBhQYIKwYBBQUHAQEE eTB3MDUGCCsGAQUFBzABhilodHRwOi8vaWNhLW9jc3AuZGlnaXRhbGNlcnR2YWxp ZGF0aW9uLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2ljYS1haWEuZGlnaXRhbGNl cnR2YWxpZGF0aW9uLmNvbS9pY2FnMi5jcnQwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAtBgNVHREEJjAkghJ3d3cuc2RrYWFy dHNob3AubmyCDnNka2FhcnRzaG9wLm5sMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6 Ly9pY2EtY3JsLmRpZ2l0YWxjZXJ0dmFsaWRhdGlvbi5jb20vY3Jscy9pY2FnMi5j cmwwDAYDVR0TAQH/BAIwADBWBgNVHSAETzBNMEsGBmeBDAECATBBMD8GCCsGAQUF BwIBFjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRv cnkvbGVnYWwwDQYJKoZIhvcNAQELBQADggEBAKAWrcrw7Qv/07/jZ131AQEKBT5V 85M9nUUXC12XicYnnd0UJnJyJP0zva70VyxSFRAqp0L6UodIzJCjXCJ15v57EsH6 bMbWMtAlmAbc0YljE0a+nlSbG3+ZQpJ3hyZtKoyZOb6IM9ZtZgbvAjPCJP2Jx1pr x1A8m91adFuJsl5VDZSBOxDaQamfNFUKKCL1KadPW8P9MtNg9bpE1H9Wm5h0aRol /K3LY610Nsbw84RWkKdFwSiK0FuV1kb2rqRbdUGdiLhiC1JLPgeEH+kL0HvT1rxa t3f/lz35Hfv1DI/chfrQGHTzH4eIthQU3IoWTpdDNvXO05Yx0wuUqxz6rxg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnDSICz+GF1T6wOMXsAB 3aTnSxIzo+Zqh65w6I8QgfpEGqD6IGEnmXK/FKn9uSPQf7ftZw36fEWoxeWUFuEK tQrn91cux8u5P/kzJLG87ue/MpO6kd1arvWg94IikXe+CIECfws1X4l5q98kAb7O PR4MX3W0idF7UGhi5zCklKy8W8zd9X1QUZbD+Xi840+/ylwt7C0jKVO8UwXhwEOt Vj5svQKiayI/IhF5cy5e8euzMHVP0QUmrxi9mqD+RrWG/dKZL7rljp5/l+T0QTa0 2td3rDEaEKGhI/JSVh7//hfarkj2ISRgbh/FSRore2XE8Liu5rWprZaMYtkdOmSH qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13709 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Intermediate Certificate' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Intermediate Certificate DV SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-11 05:32:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-13 17:40:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sdkaartshop.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24040911955246762899160250843855780199317705269331344714244679929011197168532075343641138117812787589790565471248797112180074642703382448803685125694354465286400417705302980725975985839718103508424848586598636053601245049747271972169233871388263637339609748688892110458674351588465224849123340608999102661877689950947334571535064435492325054898349284794112462575950210745005863695377860634067524141205855910138062614702989570706288684798675513289217374449431131712576133359024669065465578572870593134652524174376576815845948551911990337908575509535273103506326990324750822764310892530906038315868607072510946941634473 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 631ca8a7b193358f16769ee5fa5fc8e6adbf2fb9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ica-ocsp.digitalcertvalidation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ica-aia.digitalcertvalidation.com/icag2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sdkaartshop.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sdkaartshop.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ica-crl.digitalcertvalidation.com/crls/icag2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a016adcaf0ed0bffd3bfe3675df501010a053e55f3933d9d45170b5d9789c6279ddd1426727224fd33bdaef4572c5215102aa742fa528748cc90a35c2275e6fe7b12c1fa6cc6d632d0259806dcd189631346be9e549b1b7f9942927787266d2a8c9939be8833d66d6606ef0233c224fd89c75a6bc7503c9bdd5a745b89b25e550d94813b10da41a99f34550a2822f529a74f5bc3fd32d360f5ba44d47f569b9874691a25fcadcb63ad7436c6f0f3845690a745c1288ad05b95d646f6aea45b75419d88b8620b524b3e07841fe90bd07bd3d6bc5ab777ff973df91dfbf50c8fdc85fad01874f31f8788b61414dc8a164e974336f5ced39631d30b94ab1cfaaf18