AffirmTrust Validation Authority

- AffirmTrust -

Issued by AffirmTrust Extended Validation CA - EV3

About this certificate

This digital certificate with serial number 4e:70:3f:5c:e2:96:aa:bb:62:81:8b:21:94:7a:f0:d4 was issued on by AffirmTrust.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Certificate had 0 embedded SCTs. Browser policy may require 4 for this certificate. Check if certificate has enough embedded SCTs to meet Apple CT Policy (https://support.apple.com/en-us/HT205280)

AffirmTrust

Organization: AffirmTrust
Country: CA

AffirmTrust

Organization: AffirmTrust
Organization unit: See www.affirmtrust.com/repository
Country: CA

This certificate will expire on

Certificate Details

Serial Number (hex): 4e:70:3f:5c:e2:96:aa:bb:62:81:8b:21:94:7a:f0:d4
Serial Number (int): 104262606070301077499955650569046782164
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 13:69:51:25:61:59:ab:0f:f3:d2:4c:2a:cc:0b:56:77:a0:80:15:24
AuthorityKeyId: 79:1e:b1:c9:17:c7:1e:ac:b1:c7:14:d7:c3:e8:7f:bc:b9:50:9b:15

Fingerprint (sha1): a5:08:56:e1:f3:20:e6:f1:7d:92:ed:94:33:3a:66:6a:3f:92:2e:36
Fingerprint (sha256): 99:ce:bb:5c:ac:7f:45:91:9d:5d:fc:5b:77:0c:d8:af:21:b0:cf:f4:1a:3d:93:ac:19:ed:04:c3:a3:fa:a2:6e


Revocation information


Check the revocation status for certificate AffirmTrust Validation Authority

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for AffirmTrust Validation Authority

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature

Extended Key Usages

OCSP Signing

Extensions

6 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for AffirmTrust Validation Authority in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIID5DCCAsygAwIBAgIQTnA/XOKWqrtigYshlHrw1DANBgkqhkiG9w0BAQsFADCB
gzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT
ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQDEyhBZmZp
cm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYzMB4XDTIyMTAyODE1
NDg0M1oXDTI1MTAyNzE1NDg0MlowTjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0Fm
ZmlybVRydXN0MSkwJwYDVQQDEyBBZmZpcm1UcnVzdCBWYWxpZGF0aW9uIEF1dGhv
cml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMJldmKI9Z1fyKU9
XV05Dx0PgA5cLalTOBUxwyiXHlxRWqOvGfyDz+YfYpK5C7J1duBwLTNbdC1L/hSX
hkG50cSVZi5eeaudnzM1ajfTMFJ2Y6TEyF6ltIAzrZXFghKKGLqfoADkOlm8jnID
vTjdik4rLtv04sshIWqzTCxx4jHoVf67Dbofh/EEWBJDWldkuTP/pozt/z9u9KpN
v7t+hoZ/I2finZF8pt7P3dkCyGJ/zpo9Tl9j6I14cSzIAi76Sx5sr2twOxvesoaD
5+RAbHMci447dvhgcN7D94548ebJFlgO5Q9uIjhOdEWtc9TKHSlLb7XeeHlSHi15
VenaTN8CAwEAAaOBhzCBhDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQTaVElYVmr
D/PSTCrMC1Z3oIAVJDAfBgNVHSMEGDAWgBR5HrHJF8cerLHHFNfD6H+8uVCbFTAO
BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUHMAEF
BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpwvODhDeZUCZJdcv6Lr++LpIjYwL1wK
m3IT2NRb8Way11e2HmBoRqkE3MzyVxFJy0qOwz08bs2fM6F9pAJ+ucJqJspMrFs8
cX3GuTGoRfDSpKZptj5ETiki0Z+a5J7wgC+JuR36hvCn16sftyynpfd4881g2el3
4Z0FgpNdCjzuj+iJNl6faGgasGYlRYTYHZxdZ8g7NDKDURrPIS+R5traoQFERy9R
qKEyQEjuV8DLQa/4CNHLUK9Sa0MbcxB48R7MYXYTv5Z/poDdx4TXWSu1vg/wMwRq
sL9V+GcohiejYCtYMSz2vzkVrD5N3wekZRs+zHBeLtlMHmu0CFtRQQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmV2Yoj1nV/IpT1dXTkP
HQ+ADlwtqVM4FTHDKJceXFFao68Z/IPP5h9ikrkLsnV24HAtM1t0LUv+FJeGQbnR
xJVmLl55q52fMzVqN9MwUnZjpMTIXqW0gDOtlcWCEooYup+gAOQ6WbyOcgO9ON2K
Tisu2/TiyyEharNMLHHiMehV/rsNuh+H8QRYEkNaV2S5M/+mjO3/P270qk2/u36G
hn8jZ+KdkXym3s/d2QLIYn/Omj1OX2PojXhxLMgCLvpLHmyva3A7G96yhoPn5EBs
cxyLjjt2+GBw3sP3jnjx5skWWA7lD24iOE50Ra1z1ModKUtvtd54eVIeLXlV6dpM
3wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 104262606070301077499955650569046782164
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.affirmtrust.com/repository'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Extended Validation CA - EV3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-28 15:48:43 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-10-27 15:48:42 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AffirmTrust Validation Authority'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24540264157839914439834045592703202018336685845522146612212649817403812907952441476665588810998829295116523481219338271945770893517470468039590434833569114133041565633768599951566647745297921142483227292623119418343454001799836147232422780524493933614227232267783611115338246454752254602998214045945307928632515643684156048976470219130252433123411560239118991808568149378403221577254882714420649953170332386401945783528015726191164977872044805481463249882167405765577255745552825088371774473466955558325081867175659847697321346130281596230538073620483186895866874013755330913065419019341600303270912589367001149492447
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							136951256159ab0ff3d24c2acc0b5677a0801524
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 791eb1c917c71eacb1c714d7c3e87fbcb9509b15
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.9 (ocspSigning)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1.5 (ocspNoCheck)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005e9c2f38384379950264975cbfa2ebfbe2e92236302f5c0a9b7213d8d45bf166b2d757b61e606846a904dcccf2571149cb4a8ec33d3c6ecd9f33a17da4027eb9c26a26ca4cac5b3c717dc6b931a845f0d2a4a669b63e444e2922d19f9ae49ef0802f89b91dfa86f0a7d7ab1fb72ca7a5f778f3cd60d9e977e19d0582935d0a3cee8fe889365e9f68681ab066254584d81d9c5d67c83b343283511acf212f91e6dadaa10144472f51a8a1324048ee57c0cb41aff808d1cb50af526b431b731078f11ecc617613bf967fa680ddc784d7592bb5be0ff033046ab0bf55f867288627a3602b58312cf6bf3915ac3e4ddf07a4651b3ecc705e2ed94c1e6bb4085b5141