www.largonaute.net
Issued by Gandi Standard SSL CA 2
About this certificate
This digital certificate with serial number 7e:fa:d8:e0:3a:ee:48:2f:00:79:6a:ad:cd:c0:8c was issued on by Gandi.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage contains an inefficient encoding wherein the number of 'unused bits' is declared to be 5, but it should be 7. Raw Bytes: [3 2 5 128], Raw Binary: [00000011 00000010 00000101 10000000] RFC 5280 Section 4.2.1.3 describes the value of a KeyUsage to be a DER encoded BitString, which itself defines that all trailing 0 bits be counted as being "unused". (Where ITU-T Rec. X.680 | ISO/IEC 8824-1, 21.7, applies, the bitstring shall have all trailing 0 bits removed before it is encoded.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.largonaute.net
Gandi
Organization:
Gandi
State / Province:
Paris
Locality: Paris
Country: FR
Locality: Paris
Country: FR
This certificate has expire since
Certificate Details
Serial Number (hex): 7e:fa:d8:e0:3a:ee:48:2f:00:79:6a:ad:cd:c0:8cSerial Number (int): 659317189255289432192030143801049228
Serial Number lenght: 119 bits, 15 octets
SubjectKeyId: e7:70:62:95:7c:b7:b4:ab:1c:14:d7:2f:d2:1e:4c:38:5c:20:7a:2a
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea
Fingerprint (sha1): 50:66:8e:60:69:65:0a:6a:bf:85:73:e2:99:24:71:15:d2:83:cc:5b
Fingerprint (sha256): a8:d1:ac:41:05:e0:ec:86:67:d7:82:a0:7a:c6:65:3f:10:fe:48:f7:33:b4:b6:41:a9:6f:92:1f:d5:3f:8b:58
Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl
Check the revocation status for certificate www.largonaute.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.largonaute.net
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.largonaute.net
Other certificates including the domain name largonaute.net
(limited to 100 certificates)
www.largonaute.net
www.largonaute.net
www.largonaute.net
largonaute.net
largonaute.net
www.largonaute.net
www.largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
largonaute.net
largonaute.net
www.largonaute.net
www.largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
www.largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
largonaute.net
www.largonaute.net
Certificate
The complete raw certificate details for www.largonaute.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgIPfvrY4DruSC8AeWqtzcCMMA0GCSqGSIb3DQEBCwUAMF8x CzAJBgNVBAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwGA1UEBxMFUGFyaXMxDjAM BgNVBAoTBUdhbmRpMSAwHgYDVQQDExdHYW5kaSBTdGFuZGFyZCBTU0wgQ0EgMjAe Fw0yMTEyMDMwMDAwMDBaFw0yMzAxMDIyMzU5NTlaMB0xGzAZBgNVBAMTEnd3dy5s YXJnb25hdXRlLm5ldDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLft3n622ROg 0fPISpRoqfZVKnRdBllTK7g191iHHeYEAS3ollKO6ipbX0AUhCFsExe62fZvu7Rb gu3VAU/wKIWjggMpMIIDJTAfBgNVHSMEGDAWgBSzkKfYya9OzWE8n3ytXX9B/Wkw 6jAdBgNVHQ4EFgQU53BilXy3tKscFNcv0h5MOFwgeiowDgYDVR0PAQH/BAQDAgWA MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEsG A1UdIAREMEIwNgYLKwYBBAGyMQECAhowJzAlBggrBgEFBQcCARYZaHR0cHM6Ly9j cHMudXNlcnRydXN0LmNvbTAIBgZngQwBAgEwQQYDVR0fBDowODA2oDSgMoYwaHR0 cDovL2NybC51c2VydHJ1c3QuY29tL0dhbmRpU3RhbmRhcmRTU0xDQTIuY3JsMHMG CCsGAQUFBwEBBGcwZTA8BggrBgEFBQcwAoYwaHR0cDovL2NydC51c2VydHJ1c3Qu Y29tL0dhbmRpU3RhbmRhcmRTU0xDQTIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8v b2NzcC51c2VydHJ1c3QuY29tMB0GA1UdEQQWMBSCEnd3dy5sYXJnb25hdXRlLm5l dDCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcArfe++nz/EMiLnT2cHj4YarRn KV3PsQwkyoWGNOvcgooAAAF9farL2gAABAMASDBGAiEAsXEsYXGNVUsu0RKN25LD iemyqOayyQZAcyUsyPOm7doCIQCzA5qB75zfuR9NpYjbc3+O02uE3eTSHAxYzr/Z pcZVXwB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABfX2qy6EA AAQDAEcwRQIhAN95eG9jAqasWD7bYaRa8Mn+u811dRuVW88JtT+netBLAiAaSu95 9sblh1Z863c+SqriNuI5TiJ0DI283ZNvpoz4OgB3AOg+0No+9QY1MudXKLyJa8kD 08vREWvs62nhd31tBr1uAAABfX2qy5IAAAQDAEgwRgIhAKGs0tRatFEXTGpjLiXp JyANITc9lDBII2gn7D5OxrQtAiEAvsoxOajo9oeIvKKXt0Dwn5iVomgelmoomENv D8U80OwwDQYJKoZIhvcNAQELBQADggEBAGzmB2bkPHSkm2zg/1A2O06pEg4hEiqU Qaog+oM0tgBIkjz5ScVnxK0wn/kCndr9dudnzhKxlljIhvCbgbf4mnzIuRXiTyFQ tGfDzuHQDN8o9gGJ7HxtcMlz1e619buChIsS88h3ZbjXNO8/bHxFDSvX2m3lUJAi YugspVPrKK2Wdx0hQ+8gP51oLkXS61PT8kNDsJL5DW7qIJRhIIjR1P0Mf1hmQpUV bXaKeB3bFkHuXkkntcrmsY+GkvGotwhQXhstnii4x0dlkHWYoq95568F/iK+zaTe mhRrgRRdbrAf2tXcnQFR/0wNULf7LLxuXilO2gVx4oQnvkKkL+a/bN8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEt+3efrbZE6DR88hKlGip9lUqdF0G WVMruDX3WIcd5gQBLeiWUo7qKltfQBSEIWwTF7rZ9m+7tFuC7dUBT/AohQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 659317189255289432192030143801049228 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.largonaute.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 0004b7edde7eb6d913a0d1f3c84a9468a9f6552a745d0659532bb835f758871de604012de896528eea2a5b5f401484216c1317bad9f66fbbb45b82edd5014ff02885 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e77062957cb7b4ab1c14d72fd21e4c385c207a2a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 0580 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.largonaute.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017d7daacbda0000040300483046022100b1712c61718d554b2ed1128ddb92c389e9b2a8e6b2c9064073252cc8f3a6edda022100b3039a81ef9cdfb91f4da588db737f8ed36b84dde4d21c0c58cebfd9a5c6555f0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017d7daacba10000040300473045022100df79786f6302a6ac583edb61a45af0c9febbcd75751b955bcf09b53fa77ad04b02201a4aef79f6c6e587567ceb773e4aaae236e2394e22740c8dbcdd936fa68cf83a007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017d7daacb920000040300483046022100a1acd2d45ab451174c6a632e25e927200d21373d943048236827ec3e4ec6b42d022100beca3139a8e8f68788bca297b740f09f9895a2681e966a2898436f0fc53cd0ec . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006ce60766e43c74a49b6ce0ff50363b4ea9120e21122a9441aa20fa8334b60048923cf949c567c4ad309ff9029ddafd76e767ce12b19658c886f09b81b7f89a7cc8b915e24f2150b467c3cee1d00cdf28f60189ec7c6d70c973d5eeb5f5bb82848b12f3c87765b8d734ef3f6c7c450d2bd7da6de550902262e82ca553eb28ad96771d2143ef203f9d682e45d2eb53d3f24343b092f90d6eea2094612088d1d4fd0c7f58664295156d768a781ddb1641ee5e4927b5cae6b18f8692f1a8b708505e1b2d9e28b8c74765907598a2af79e7af05fe22becda4de9a146b81145d6eb01fdad5dc9d0151ff4c0d50b7fb2cbc6e5e294eda0571e28427be42a42fe6bf6cdf