*.tax.ny.gov

Issued by GlobalSign Organization Validation CA - SHA256 - G2

About this certificate


This digital certificate with serial number 11:21:56:66:20:37:48:cc:24:9a:e5:f8:10:c5:83:8b:e3:e6 was issued on by GlobalSign nv-sa .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

New York State Office for Technology

Organization: New York State Office for Technology
State / Province: New York
Locality: Albany
Country: US

GlobalSign nv-sa

Organization: GlobalSign nv-sa
State / Province: New York
Locality: Albany
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 11:21:56:66:20:37:48:cc:24:9a:e5:f8:10:c5:83:8b:e3:e6
Serial Number (int): 1492253022823649421573960384453297990001638
Serial Number lenght: 141 bits, 18 octets

SubjectKeyId: fa:65:ff:8a:e3:14:de:93:28:d9:97:14:f6:f9:19:36:34:1d:d8:4e
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c

Fingerprint (sha1): fb:f6:56:a4:09:76:15:dd:da:9b:a8:2e:f5:f0:ac:1e:c6:15:09:7a
Fingerprint (sha256): ae:d3:17:0c:59:f8:bc:cc:6a:98:88:a5:75:bb:43:57:68:b9:b3:76:99:49:c9:be:36:2f:0d:63:70:01:b3:40

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2
CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

Check the revocation status for the current certificate on *.tax.ny.gov
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.tax.ny.gov
tax.ny.gov

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgISESFWZiA3SMwkmuX4EMWDi+PmMA0GCSqGSIb3DQEBCwUA MGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYD VQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hB MjU2IC0gRzIwHhcNMTUwOTE1MTIyMTA2WhcNMTcwOTE1MTIyMTA2WjB3MQswCQYD VQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxDzANBgNVBAcTBkFsYmFueTEtMCsG A1UEChMkTmV3IFlvcmsgU3RhdGUgT2ZmaWNlIGZvciBUZWNobm9sb2d5MRUwEwYD VQQDDAwqLnRheC5ueS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCjiGTAj3bsN7B4vK+OrlfC1pkOiKrfbG/1NT7obqntRzRbENs25TJwmZFVB1Iw n0EpAXIo+apr5VessvBnKRDTYesamAdp6/aQmLGXzcUqP5WrWx/wiahfoz+RKZ4c 7q76A98hQa4akQuOnTIfmYKN4P8JmHkm5Bh2XLO7dvmZt7JriH4S64/qlZw4T3nV pKOZnbbWUksKJI1VCHqCPSHu+ghIsIhCebmEd5o/NOZRjnL8c9UTu5CPK6ti8Iyt Os7YEcNU69f3py8MoEn54NP3tPo+mxZliEnQ/0kp6W+z3lDkMdZ7JX8JXJzCaFeO ZaGPS0/lm/yvVfNZWKchn9hxAgMBAAGjggHcMIIB2DAOBgNVHQ8BAf8EBAMCBaAw SQYDVR0gBEIwQDA+BgZngQwBAgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wIwYDVR0RBBwwGoIMKi50YXgubnku Z292ggp0YXgubnkuZ292MAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZ2xvYmFsc2ln bi5jb20vZ3MvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIuY3JsMIGgBggrBgEFBQcB AQSBkzCBkDBNBggrBgEFBQcwAoZBaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNv bS9jYWNlcnQvZ3Nvcmdhbml6YXRpb252YWxzaGEyZzJyMS5jcnQwPwYIKwYBBQUH MAGGM2h0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc29yZ2FuaXphdGlvbnZh bHNoYTJnMjAdBgNVHQ4EFgQU+mX/iuMU3pMo2ZcU9vkZNjQd2E4wHwYDVR0jBBgw FoAUlt5h8b0cFilTHMDMfTuDAEDmGnwwDQYJKoZIhvcNAQELBQADggEBAB56Y1vD seV5ezo9QqkHCBOWsE83Qta2ewTGPNptob/VD0sJyKGI+pgq+yWI6HvwkxtbgTja fMijVGNHS7DwVzovfwgep1TDq0q2Vc1+OVcZ5/tysc3WiH11VYaSVRQbOWkNsU6A bghC3ZTYQispUmbtabpKS8zq/z0NQ+8PRjc12IQzrMpfo0XHvPxw8jXuGDxNWPPX P4HBXv52gwGPIAL+w9JSqmjm8JnYbfhEQnzaEdS4BHidw7kCKn1E4anP/ERG3RlS pILxEpcULoKw+x2IqJjhrIL/HT5MFXCCNaSCIktVPBwDZn/DiXhNNmW1fz7AONGJ Fp/qvgnhpOw/y38= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4hkwI927DeweLyvjq5X wtaZDoiq32xv9TU+6G6p7Uc0WxDbNuUycJmRVQdSMJ9BKQFyKPmqa+VXrLLwZykQ 02HrGpgHaev2kJixl83FKj+Vq1sf8ImoX6M/kSmeHO6u+gPfIUGuGpELjp0yH5mC jeD/CZh5JuQYdlyzu3b5mbeya4h+EuuP6pWcOE951aSjmZ221lJLCiSNVQh6gj0h 7voISLCIQnm5hHeaPzTmUY5y/HPVE7uQjyurYvCMrTrO2BHDVOvX96cvDKBJ+eDT 97T6PpsWZYhJ0P9JKelvs95Q5DHWeyV/CVycwmhXjmWhj0tP5Zv8r1XzWVinIZ/Y cQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1492253022823649421573960384453297990001638 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-09-15 12:21:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-15 12:21:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Albany' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York State Office for Technology' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.tax.ny.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20644101882246963582107446758910715043095379880385606964660266398081269698303529794498902513109173236628599602628553317573858262949066494041638785454089115607556151301215481366891612105106296307829085854589204573271766164145354438840736900461458391933766767967126402225108466600465106388981831666545358127344532796481917869923423396922183121059945352043938786525853691236043735682747230318502713133015925175046969434446546841384703947909101368256679167563601935589517942775136491178057979231237949936615478088226387954698331658741001251857568206744407992807529128939771028148169841445594719705285746768064285788592241 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tax.ny.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tax.ny.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fa65ff8ae314de9328d99714f6f91936341dd84e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001e7a635bc3b1e5797b3a3d42a907081396b04f3742d6b67b04c63cda6da1bfd50f4b09c8a188fa982afb2588e87bf0931b5b8138da7cc8a35463474bb0f0573a2f7f081ea754c3ab4ab655cd7e395719e7fb72b1cdd6887d7555869255141b39690db14e806e0842dd94d8422b295266ed69ba4a4bcceaff3d0d43ef0f463735d88433acca5fa345c7bcfc70f235ee183c4d58f3d73f81c15efe7683018f2002fec3d252aa68e6f099d86df844427cda11d4b804789dc3b9022a7d44e1a9cffc4446dd1952a482f11297142e82b0fb1d88a898e1ac82ff1d3e4c15708235a482224b553c1c03667fc389784d3665b57f3ec038d189169feabe09e1a4ec3fcb7f