www.medienlegenden.de
Issued by Symantec Basic DV SSL CA - G2
About this certificate
This digital certificate with serial number 7e:28:0e:b3:ec:75:c8:aa:7f:0b:0d:30:e2:96:66:c2 was issued on by Symantec Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.medienlegenden.de
Symantec Corporation
Organization:
Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Organization unit: Symantec Trust Network
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 7e:28:0e:b3:ec:75:c8:aa:7f:0b:0d:30:e2:96:66:c2Serial Number (int): 167690717551997188524853113417704564418
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: ca:ac:5d:e1:90:2f:f1:ef:8c:d4:9f:35:01:e1:01:3b:a0:ce:c1:77
Fingerprint (sha1): 61:37:3a:5f:36:70:01:14:32:e7:01:49:2e:65:26:64:fe:15:a4:f9
Fingerprint (sha256): 92:b1:59:9f:2f:5e:24:c4:22:e8:7f:d1:18:50:20:b2:38:89:f6:0f:e8:91:72:46:74:bf:da:ca:e3:35:87:a5
Issuing Certificate URL: http://hd.symcb.com/hd.crt
Revocation information
OCSP Server: http://hd.symcd.comCheck the revocation status for certificate www.medienlegenden.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.medienlegenden.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.medienlegenden.de
medienlegenden.de
medienlegenden.de
Other certificates including the domain name medienlegenden.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.medienlegenden.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEpjCCA46gAwIBAgIQfigOs+x1yKp/Cw0w4pZmwjANBgkqhkiG9w0BAQsFADCB lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQLExREb21haW4g VmFsaWRhdGVkIFNTTDEmMCQGA1UEAxMdU3ltYW50ZWMgQmFzaWMgRFYgU1NMIENB IC0gRzIwHhcNMTcwMzI5MDAwMDAwWhcNMTgwMzI5MjM1OTU5WjAgMR4wHAYDVQQD DBV3d3cubWVkaWVubGVnZW5kZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDZHFgTjizwvFkLQxDwZsAQJZ7CcG+eOHQaogURPD3dF/csfd59CGy1 +QYH3JGdBDTJU1ZHJfoZKmwgYHEJlnRsE4G0imgynrRJMeUEc+0k7GqFeOOhKT+S +5R0OuB+Wj+L2RQMZAsXXaS9Eyf0bYCk9haV0oEWqixO+iu7R8QO2cI2sprQ40Ib VoIo/xgj96su2f+tN6tn2MdXOie3wcnul3tIQragmBED756fRjhNPo+R8xM7o782 oGTuN1K0tDpT5d5Wx7KUM3ygPayfCNdtZFBQw8DF1oZVeXHg4pyHrnOdmCGArcqC ELGnvX1Px99cRCWAOFMqfGWE29//kXKhAgMBAAGjggFlMIIBYTAzBgNVHREELDAq ghV3d3cubWVkaWVubGVnZW5kZW4uZGWCEW1lZGllbmxlZ2VuZGVuLmRlMAkGA1Ud EwQCMAAwYQYDVR0gBFowWDBWBgZngQwBAgEwTDAjBggrBgEFBQcCARYXaHR0cHM6 Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwXaHR0cHM6Ly9kLnN5bWNi LmNvbS9ycGEwHwYDVR0jBBgwFoAUyqxd4ZAv8e+M1J81AeEBO6DOwXcwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggrBgEF BQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9oZC5zeW1jZC5jb20wJgYIKwYB BQUHMAKGGmh0dHA6Ly9oZC5zeW1jYi5jb20vaGQuY3J0MBMGCisGAQQB1nkCBAMB Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBdq5KbF7Bi9NZHHV56ZWCuA3VcM1Y8 nGBs1Y592SqE8zwiP4/zsgRKROhW5GpVJFuUb8DmkUu6q0k1PyKhpIQ6vAjlOIBR CSSn3pavJeSxRlUwe9eyACn745Gkbcvc8HwXMZEcyyfbcYfVcLYbkLWCxMFuWRPs Es/+2KAnpjIc8VvNtMW+EcO3RLkpIX+ma5WkqWuH5V5BPOOsDLm53IO6nnE2NcXK m60DLFqpeZNXgkG4UymN0SRNG/wi1vPBtmx7UtoWrhcZYJX1IdMKd/eanmVh4yq4 drswenhKw3ynYj1Mvy+PuYTWQdU0oNGaSTtFQPSxaw7Zmp2njQZVtGiT -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RxYE44s8LxZC0MQ8GbA ECWewnBvnjh0GqIFETw93Rf3LH3efQhstfkGB9yRnQQ0yVNWRyX6GSpsIGBxCZZ0 bBOBtIpoMp60STHlBHPtJOxqhXjjoSk/kvuUdDrgflo/i9kUDGQLF12kvRMn9G2A pPYWldKBFqosTvoru0fEDtnCNrKa0ONCG1aCKP8YI/erLtn/rTerZ9jHVzont8HJ 7pd7SEK2oJgRA++en0Y4TT6PkfMTO6O/NqBk7jdStLQ6U+XeVseylDN8oD2snwjX bWRQUMPAxdaGVXlx4OKch65znZghgK3KghCxp719T8ffXEQlgDhTKnxlhNvf/5Fy oQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 167690717551997188524853113417704564418 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Basic DV SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.medienlegenden.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27407689148825328754092989966936807739324048637487202058136861031160571212579904207289311387296602607920413746175234713882804543304683242404654880128275201519289221378395900985330213547628399198813843568565002034844518013088011174786350339333453078596635602797057251144698398982783701501533607418046137974948930949511814559008566763732065121621273782392551707116968153619395088214069018498031804619457868973319645218883235057060477244472564788436956222875517585745081002872203952726428699025164903027723495070963204638392109693104498696603913683638272483049799374830132424771237303856774250478922564805544157740364449 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.medienlegenden.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medienlegenden.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName caac5de1902ff1ef8cd49f3501e1013ba0cec177 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://hd.symcb.com/hd.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005dab929b17b062f4d6471d5e7a6560ae03755c33563c9c606cd58e7dd92a84f33c223f8ff3b2044a44e856e46a55245b946fc0e6914bbaab49353f22a1a4843abc08e53880510924a7de96af25e4b14655307bd7b20029fbe391a46dcbdcf07c1731911ccb27db7187d570b61b90b582c4c16e5913ec12cffed8a027a6321cf15bcdb4c5be11c3b744b929217fa66b95a4a96b87e55e413ce3ac0cb9b9dc83ba9e713635c5ca9bad032c5aa97993578241b853298dd1244d1bfc22d6f3c1b66c7b52da16ae17196095f521d30a77f79a9e6561e32ab876bb307a784ac37ca7623d4cbf2f8fb984d641d534a0d19a493b4540f4b16b0ed99a9da78d0655b46893