*.schaelchli.ch

Issued by StartCom Class 2 IV Server CA

About this certificate


This digital certificate with serial number 67:d6:a6:b7:9c:8e:a1:94:b8:4a:40:5c:5c:b6:39:6a was issued on by StartCom Ltd. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])

Peter Schälchli

Organization: Peter Schälchli
State / Province: Thurgau
Locality: Wigoltingen
Country: CH

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: StartCom Certification Authority
State / Province: Thurgau
Locality: Wigoltingen
Country: CH

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 67:d6:a6:b7:9c:8e:a1:94:b8:4a:40:5c:5c:b6:39:6a
Serial Number (int): 138025016520772826352178278488044091754
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 7b:07:92:bd:6c:e7:a3:d5:47:4c:a5:a5:ab:fa:a2:fe:05:7e:5e:54
AuthorityKeyId: 94:de:85:41:2a:a5:d9:45:f6:60:2c:2e:4c:93:09:a6:2c:23:7e:3e

Fingerprint (sha1): 25:a2:fc:5f:6d:94:28:8a:2e:66:9f:c7:32:f3:fd:8f:15:b6:e3:6b
Fingerprint (sha256): e8:b8:fa:b0:be:d2:f8:08:1f:e5:df:b7:c7:7d:ba:f0:dd:88:b3:6b:56:ba:2d:99:a8:65:44:bf:2a:7c:c9:c9

Issuing Certificate URL: http://aia.startssl.com/certs/sca.server2.crt

Revocation information

OCSP Server: http://ocsp.startssl.com
CRL Distribution Point: http://crl.startssl.com/sca-server2.crl

Check the revocation status for the current certificate on *.schaelchli.ch
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.schaelchli.ch
schaelchli.ch

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgIQZ9amt5yOoZS4SkBcXLY5ajANBgkqhkiG9w0BAQsFADB4 MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0 Q29tIENsYXNzIDIgSVYgU2VydmVyIENBMB4XDTE2MDEwNDE5MDEzN1oXDTE4MDEw NDE5MDEzN1owajELMAkGA1UEBhMCQ0gxEDAOBgNVBAgMB1RodXJnYXUxFDASBgNV BAcMC1dpZ29sdGluZ2VuMRkwFwYDVQQKDBBQZXRlciBTY2jDpGxjaGxpMRgwFgYD VQQDDA8qLnNjaGFlbGNobGkuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCz41oQK/3W6Yaa1DqWJJF9iJ2ZZPKwz6j1hj7zRnFxg59MLLHSqaR2Qg8o csejZtn0hyH16kwvpcRW3bioP31sh7x2djWSyXzvgZ22fqxsA164CP1XPUhhUDOJ bNuHHWn+64utx8Eb1Dr14uAWHX5Kro4DxDPM/F6E/3XmuYfP7T/gQ9tN4pqR8Hme z1C3ngWTkiNoJuZAdETA+X3hcl9s7ANeb8p9BAylldSORdsWCu4/UN40FqD1dCpQ eYovPcpkKTkafG2xvLSn2x27fHpd+y6kR9RymZv20ye9Pq23+7wkN8EQTs9NKU8Z Y0lHCypkgl8zbpj4oP2KKVCk4lRTAgMBAAGjggHIMIIBxDALBgNVHQ8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMAkGA1UdEwQCMAAwHQYDVR0O BBYEFHsHkr1s56PVR0ylpav6ov4Ffl5UMB8GA1UdIwQYMBaAFJTehUEqpdlF9mAs LkyTCaYsI34+MG8GCCsGAQUFBwEBBGMwYTAkBggrBgEFBQcwAYYYaHR0cDovL29j c3Auc3RhcnRzc2wuY29tMDkGCCsGAQUFBzAChi1odHRwOi8vYWlhLnN0YXJ0c3Ns LmNvbS9jZXJ0cy9zY2Euc2VydmVyMi5jcnQwOAYDVR0fBDEwLzAtoCugKYYnaHR0 cDovL2NybC5zdGFydHNzbC5jb20vc2NhLXNlcnZlcjIuY3JsMCkGA1UdEQQiMCCC Dyouc2NoYWVsY2hsaS5jaIINc2NoYWVsY2hsaS5jaDAjBgNVHRIEHDAahhhodHRw Oi8vd3d3LnN0YXJ0c3NsLmNvbS8wUAYDVR0gBEkwRzAIBgZngQwBAgMwOwYLKwYB BAGBtTcBAgQwLDAqBggrBgEFBQcCARYeaHR0cDovL3d3dy5zdGFydHNzbC5jb20v cG9saWN5MA0GCSqGSIb3DQEBCwUAA4IBAQAR2accLteb9wKdOlMgcPKPMHi4SSS/ PP0nfFthJrCzLYehJ/JDAkQiQXi4ttXyDguqXe23Q1QF8vlgmX/6kHIDhVwXl784 SX+ZM2hfOvobTKHyDzpDtv+Jh9SpicV1qiG5DoBW9RzQ/kgaf++RZvbRlLq+c6Ie Z9eovwku6G8Os75f2dUp6VXNno07o3fvQhd7IHVFcAG6xM49KnAWE7a8SuUkCkNY isICrymZNnKq8KwgJq2iIbqe+Pj2y+pDvG91B5pENdm6+HWNdyhDyvZ/LnvprUt2 rphjwgzMCWWuQtUaolN4LmoZBnY6MrVJ3bBsVmAORfoFQuvKPnZ43ZWy -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+NaECv91umGmtQ6liSR fYidmWTysM+o9YY+80ZxcYOfTCyx0qmkdkIPKHLHo2bZ9Ich9epML6XEVt24qD99 bIe8dnY1ksl874Gdtn6sbANeuAj9Vz1IYVAziWzbhx1p/uuLrcfBG9Q69eLgFh1+ Sq6OA8QzzPxehP915rmHz+0/4EPbTeKakfB5ns9Qt54Fk5IjaCbmQHREwPl94XJf bOwDXm/KfQQMpZXUjkXbFgruP1DeNBag9XQqUHmKLz3KZCk5Gnxtsby0p9sdu3x6 XfsupEfUcpmb9tMnvT6tt/u8JDfBEE7PTSlPGWNJRwsqZIJfM26Y+KD9iilQpOJU UwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 138025016520772826352178278488044091754 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Ltd.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'StartCom Class 2 IV Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-04 19:01:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-04 19:01:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Thurgau' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Wigoltingen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Peter Schälchli' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.schaelchli.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22708767944519388851541961958445580572407214203483389051238240305703881906996092753826689128798221591079398041489475315271558349472982361424427020156300596325069990499811576275726081258798558213296975935167394265637419634076833376759662389420037265495540778496590558013254849195598654009662958412355514044160168033990920673156682685220959674138982801910846978266479699170490374301464736296721233383069506256984602032395558916116845221448579220522856806338698701482520637160768667559011775831028339400734435804059943197780652727099309962919560581985881360487783086463366359138252796793290807112722311985351492127315027 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7b0792bd6ce7a3d5474ca5a5abfaa2fe057e5e54 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 94de85412aa5d945f6602c2e4c9309a62c237e3e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.startssl.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.startssl.com/certs/sca.server2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.startssl.com/sca-server2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.schaelchli.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'schaelchli.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.18 (issuerAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.startssl.com/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23223.1.2.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.startssl.com/policy' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0011d9a71c2ed79bf7029d3a532070f28f3078b84924bf3cfd277c5b6126b0b32d87a127f2430244224178b8b6d5f20e0baa5dedb7435405f2f960997ffa907203855c1797bf38497f9933685f3afa1b4ca1f20f3a43b6ff8987d4a989c575aa21b90e8056f51cd0fe481a7fef9166f6d194babe73a21e67d7a8bf092ee86f0eb3be5fd9d529e955cd9e8d3ba377ef42177b2075457001bac4ce3d2a701613b6bc4ae5240a43588ac202af29993672aaf0ac2026ada221ba9ef8f8f6cbea43bc6f75079a4435d9baf8758d772843caf67f2e7be9ad4b76ae9863c20ccc0965ae42d51aa253782e6a1906763a32b549ddb06c56600e45fa0542ebca3e7678dd95b2