www.evkita-bayern.de
Issued by RapidSSL SHA256 CA - G2
About this certificate
This digital certificate with serial number 5f:2b:b5:5b:48:0c:e2:1c:e8:c2:2a:f3:7f:9f:71:1c was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.evkita-bayern.de
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 5f:2b:b5:5b:48:0c:e2:1c:e8:c2:2a:f3:7f:9f:71:1cSerial Number (int): 126503606712683550869368135823325622556
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 4c:f4:bf:e8:3b:be:c2:24:f3:1b:47:3b:b5:6e:48:8e:16:ab:af:12
Fingerprint (sha1): d9:7c:1c:50:dc:ca:c8:88:1a:f1:76:d2:30:5b:92:d7:7c:0c:ba:c5
Fingerprint (sha256): ac:01:56:af:92:21:76:80:5d:41:cc:28:56:c4:4d:c4:6f:e2:37:4d:eb:59:f5:c2:33:c6:7f:a0:90:6a:68:52
Issuing Certificate URL: http://gs.symcb.com/gs.crt
Revocation information
OCSP Server: http://gs.symcd.comCRL Distribution Point: http://gs.symcb.com/gs.crl
Check the revocation status for certificate www.evkita-bayern.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.evkita-bayern.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.evkita-bayern.de
evkita-bayern.de
evkita-bayern.de
Other certificates including the domain name evkita-bayern.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.evkita-bayern.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIQXyu1W0gM4hzowirzf59xHDANBgkqhkiG9w0BAQsFADBH MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX UmFwaWRTU0wgU0hBMjU2IENBIC0gRzIwHhcNMTYxMDExMDAwMDAwWhcNMTcxMjEw MjM1OTU5WjAfMR0wGwYDVQQDDBR3d3cuZXZraXRhLWJheWVybi5kZTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBALM4Bhq03MiegBHD3qwM0Lp9GTrptZy+ yME3PnQer0gO+olnfh/ZGWgGjuLq6TD070jf/RiLkm1f7iLh9aQ+RQCCNYUAAv2+ ksQSerKtTktSDNpOm2M+FB88BnJuJ1wYRXjxtYLlbmFxF/3BzOKTZkW8hwqzFP5f AcgkJmHjdoIqpv0NH9OJOhyx/UGm2vFzGKHekOjXCOU3rirhTj77xuLpOIZZMopV 2AycbTFXWtlcJEaMx6N1gBI6Oj51z8oMhENuJ8PY4hbjWRicBghPkOlbj3BcW4ce VkFSQ0NgBjOfp2gzrj9+uFV/UzBVirtH4RFaFp1Kh05WHTCIXeV34vsCAwEAAaOC Ao8wggKLMDEGA1UdEQQqMCiCFHd3dy5ldmtpdGEtYmF5ZXJuLmRlghBldmtpdGEt YmF5ZXJuLmRlMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2dz LnN5bWNiLmNvbS9ncy5jcmwwbwYDVR0gBGgwZjBkBgZngQwBAgEwWjAqBggrBgEF BQcCARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29tL2xlZ2FsMCwGCCsGAQUFBwIC MCAMHmh0dHBzOi8vd3d3LnJhcGlkc3NsLmNvbS9sZWdhbDAfBgNVHSMEGDAWgBRM 9L/oO77CJPMbRzu1bkiOFquvEjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYT aHR0cDovL2dzLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL2dzLnN5bWNi LmNvbS9ncy5jcnQwggECBgorBgEEAdZ5AgQCBIHzBIHwAO4AdgDd6x0reg1PpiCL ga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVezlbezAAAEAwBHMEUCIQDoird9wl6Q B6WuC+5AJHP/A2jDK139Yc4rElYuegw+XwIgY7V3ItqlnOxPcTGdmAYr8FTx1RY2 oviTsPaJjhW5NrEAdABo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAA AVezlbfaAAAEAwBFMEMCH1NV6mIPEvGW4XYQabpmmoMYxeqw/x0Gb3o5uCD2w/IC IGVBBdqrpoQz2oCwEfShwhc2uQEP5e4ADtllPCru/6dRMA0GCSqGSIb3DQEBCwUA A4IBAQChTBlSUSQ8YVzNZT/ViLZeLWLcaBJmGHH3FJNs4yc6uKrdNAOQeYfHs6Eb t1pH9ghwSOu3ECa1KW1KFgHYL1gYb3dFWsdHjKG+jo/gKE0/acRC45tZ/GStGIv8 6CtETpfX849IwhpqOmFchfm0Rb0QXCBHZBNcpx/yiYYKUEFWARhMYvxIU06QMIjO wZaeJYHrvIUZzGMv8RefjoXdCIIPhVjMUlycTQNRBmb02UMR9jNjalJ35/2Aggn0 eyDA4v7fnS9Q0MggfgGFKxJUYhHEmvzp7ht4hMK1X9PwVIC3D+Xm1AT3guum3wg4 Eew+VYj2ZgpclwmplM+vXkFykJWG -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszgGGrTcyJ6AEcPerAzQ un0ZOum1nL7IwTc+dB6vSA76iWd+H9kZaAaO4urpMPTvSN/9GIuSbV/uIuH1pD5F AII1hQAC/b6SxBJ6sq1OS1IM2k6bYz4UHzwGcm4nXBhFePG1guVuYXEX/cHM4pNm RbyHCrMU/l8ByCQmYeN2giqm/Q0f04k6HLH9Qaba8XMYod6Q6NcI5TeuKuFOPvvG 4uk4hlkyilXYDJxtMVda2VwkRozHo3WAEjo6PnXPygyEQ24nw9jiFuNZGJwGCE+Q 6VuPcFxbhx5WQVJDQ2AGM5+naDOuP364VX9TMFWKu0fhEVoWnUqHTlYdMIhd5Xfi +wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 126503606712683550869368135823325622556 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-11 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-10 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.evkita-bayern.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22624282976547878750267921986234044357042466533927366872163649416858000538762087386974341539979995840744566046814114831827507337415528351233253846792538152671563047899791330071845885881899180747149975545236647352915160002356559156676317347448504956361406022327983780908607096914297670195134777638787795754299526072681651137339233291203842990548905663713196004536028838305083370708683877001035247889781239754838347378977374384613277592252309883880096752370270706916492720362795123486210831027780661862237426286167835380943557341235403050864145763814684935037902224997768045703921593017586434991685526403051495859151611 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.evkita-bayern.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'evkita-bayern.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gs.symcb.com/gs.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4cf4bfe83bbec224f31b473bb56e488e16abaf12 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gs.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gs.symcb.com/gs.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000157b395b7b30000040300473045022100e88ab77dc25e9007a5ae0bee402473ff0368c32b5dfd61ce2b12562e7a0c3e5f022063b57722daa59cec4f71319d98062bf054f1d51636a2f893b0f6898e15b936b100740068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc400000157b395b7da0000040300453043021f5355ea620f12f196e1761069ba669a8318c5eab0ff1d066f7a39b820f6c3f20220654105daaba68433da80b011f4a1c21736b9010fe5ee000ed9653c2aeeffa751 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a14c195251243c615ccd653fd588b65e2d62dc6812661871f714936ce3273ab8aadd3403907987c7b3a11bb75a47f6087048ebb71026b5296d4a1601d82f58186f77455ac7478ca1be8e8fe0284d3f69c442e39b59fc64ad188bfce82b444e97d7f38f48c21a6a3a615c85f9b445bd105c204764135ca71ff289860a50415601184c62fc48534e903088cec1969e2581ebbc8519cc632ff1179f8e85dd08820f8558cc525c9c4d03510666f4d94311f633636a5277e7fd808209f47b20c0e2fedf9d2f50d0c8207e01852b12546211c49afce9ee1b7884c2b55fd3f05480b70fe5e6d404f782eba6df083811ec3e5588f6660a5c9709a994cfaf5e4172909586