www.kidney.ca
- Kidney Foundation of Canada -
Issued by GeoTrust SSL CA - G2
About this certificate
This digital certificate with serial number 63:35:23:fb:e0:2c:67:cb:ca:89:22:b5:a9:6a:0a:d4 was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Kidney Foundation of Canada
Organization:
Kidney Foundation of Canada
Organization unit: Hosting
Organization unit: Hosting
State / Province:
Quebec
Locality: Montreal
Country: CA
Locality: Montreal
Country: CA
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 63:35:23:fb:e0:2c:67:cb:ca:89:22:b5:a9:6a:0a:d4Serial Number (int): 131869493156192261269677945252160867028
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 11:4a:d0:73:39:d5:5b:69:08:5c:ba:3d:bf:64:9a:a8:8b:1c:55:bc
Fingerprint (sha1): 88:a1:7e:64:b3:07:6d:bf:ad:98:ad:e8:b9:cf:af:24:70:1d:24:cf
Fingerprint (sha256): a6:60:3c:c1:68:bb:44:f5:fb:23:72:17:c3:db:40:f5:dd:f8:69:a6:06:60:57:48:fc:84:6d:fc:f2:d7:2b:ad
Issuing Certificate URL: http://gtssl2-aia.geotrust.com/gtssl2.cer
Revocation information
OCSP Server: http://gtssl2-ocsp.geotrust.comCRL Distribution Point: http://gtssl2-crl.geotrust.com/gtssl2.crl
Check the revocation status for certificate www.kidney.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kidney.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kidney.ca
kidney.ca
kidney.ca
Other certificates including the domain name kidney.ca
(limited to 100 certificates)
newsletter.qc.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
newsletter.qc.kidney.ca
kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
Certificate
The complete raw certificate details for www.kidney.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIQYzUj++AsZ8vKiSK1qWoK1DANBgkqhkiG9w0BAQUFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzIwHhcNMTQwMzAxMDAwMDAwWhcNMTUwMzAxMjM1 OTU5WjCBgTELMAkGA1UEBhMCQ0ExDzANBgNVBAgTBlF1ZWJlYzERMA8GA1UEBxQI TW9udHJlYWwxJDAiBgNVBAoUG0tpZG5leSBGb3VuZGF0aW9uIG9mIENhbmFkYTEQ MA4GA1UECxQHSG9zdGluZzEWMBQGA1UEAxQNd3d3LmtpZG5leS5jYTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBALMBpw9CrTIQLk+1Am4jot8+tPhIEylB 62Y3mdugbcOfg3nW9iFymMqlKv/9hlDro9eesVkcFZksopjOkGMsE8SluE+KnUoJ 4I36PxqMzIfq1qB6ki4r2/tlUbqvSk1t3l5TB3hqazl+OnSZ/E4V2IdNJp7oQb5E gAHn1tUhuYB8Itezr+CyvZuC33z66mu38D24nL0tNf7WQUF+FH2I1WKoMP1PS+GO KQw4B+Ng+A4Q9OS6HwZRZgLQyUUt1nv+wRwslA+0tTlgKUZYYzZ7oJopEGmYuCqN tXedEISS98UUOakjIHPp+asopkxr6VNF7flm8vJHyVA5Rn1ZpeWa2zMCAwEAAaOC AYIwggF+MCMGA1UdEQQcMBqCDXd3dy5raWRuZXkuY2GCCWtpZG5leS5jYTAJBgNV HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8v Z3Rzc2wyLWNybC5nZW90cnVzdC5jb20vZ3Rzc2wyLmNybDBMBgNVHSAERTBDMEEG CmCGSAGG+EUBBzYwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5j b20vcmVzb3VyY2VzL2NwczAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw HwYDVR0jBBgwFoAUEUrQcznVW2kIXLo9v2SaqIscVbwwcgYIKwYBBQUHAQEEZjBk MCsGCCsGAQUFBzABhh9odHRwOi8vZ3Rzc2wyLW9jc3AuZ2VvdHJ1c3QuY29tMDUG CCsGAQUFBzAChilodHRwOi8vZ3Rzc2wyLWFpYS5nZW90cnVzdC5jb20vZ3Rzc2wy LmNlcjANBgkqhkiG9w0BAQUFAAOCAQEAF53jcQItj9mlOEqln4R16QKQsgwlkozk E0IKA1HzpTy0ZY0s73QRcWfk95RFlYEVoR45PFAfeBqDQ0kTJEnpRO7e7ofeh99g Pi2iZ6KARdoW01Lw3llka0YVAqnvGXB5ffVgQvtRM1rC2FcuElmj9laWGM7GuXig /5NH4bTMAvLvyozk/guGAGok5A0tiexTmMOfrjAIKpIMgsfQ5Tjj1+GCQEqehUFX aWe6JCKDD9qcLzEX/GEbXLFvCC8Z52qv8iwB0uZbbntdFwVrKntFaf+NSc+eQjji bbepVy2cSekRXWD8BQ0JyYzdFL4QDvQcllqs5XPBCZjUhJ6JBqnGxA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswGnD0KtMhAuT7UCbiOi 3z60+EgTKUHrZjeZ26Btw5+Dedb2IXKYyqUq//2GUOuj156xWRwVmSyimM6QYywT xKW4T4qdSgngjfo/GozMh+rWoHqSLivb+2VRuq9KTW3eXlMHeGprOX46dJn8ThXY h00mnuhBvkSAAefW1SG5gHwi17Ov4LK9m4LffPrqa7fwPbicvS01/tZBQX4UfYjV Yqgw/U9L4Y4pDDgH42D4DhD05LofBlFmAtDJRS3We/7BHCyUD7S1OWApRlhjNnug mikQaZi4Ko21d50QhJL3xRQ5qSMgc+n5qyimTGvpU0Xt+Wby8kfJUDlGfVml5Zrb MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 131869493156192261269677945252160867028 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-03-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-03-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Montreal' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Kidney Foundation of Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Hosting' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.kidney.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22597471504821276791320458313363739114977470575724121453906123945736754346489519756424454953428012002838898886293409938550859748569876571795641783729408892496632227844112394509731911564210490364113220502062397442986420800351087560730463458168584258643066639314413032232796558337078401780319157502636562698999149403351904159448486590884824402126598218119016430351844523626496117045888279162677513941333528920485755922530996961329221823821863767627302238609873697850392844528034723503545021080959222387159864576846841505206973346050058882420120057838844303355419107983577778792245845609151277141520211587104678839245619 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kidney.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kidney.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl2-crl.geotrust.com/gtssl2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 114ad07339d55b69085cba3dbf649aa88b1c55bc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl2-ocsp.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl2-aia.geotrust.com/gtssl2.cer' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00179de371022d8fd9a5384aa59f8475e90290b20c25928ce413420a0351f3a53cb4658d2cef74117167e4f79445958115a11e393c501f781a834349132449e944eedeee87de87df603e2da267a28045da16d352f0de59646b461502a9ef1970797df56042fb51335ac2d8572e1259a3f6569618cec6b978a0ff9347e1b4cc02f2efca8ce4fe0b86006a24e40d2d89ec5398c39fae30082a920c82c7d0e538e3d7e182404a9e8541576967ba2422830fda9c2f3117fc611b5cb16f082f19e76aaff22c01d2e65b6e7b5d17056b2a7b4569ff8d49cf9e4238e26db7a9572d9c49e9115d60fc050d09c98cdd14be100ef41c965aace573c10998d4849e8906a9c6c4