www.tunero.de
Issued by RapidSSL SHA256 CA - G4
About this certificate
This digital certificate with serial number 5a:96 was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.tunero.de
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 5a:96Serial Number (int): 23190
Serial Number lenght: 15 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: f3:b5:56:0c:c4:09:b0:b4:cf:1f:aa:f9:dd:23:56:f0:77:e8:a1:f9
Fingerprint (sha1): 68:1d:6f:5b:46:62:f7:31:aa:79:e8:71:34:37:f7:4b:76:da:9c:dd
Fingerprint (sha256): b0:5a:71:c8:1f:93:c8:cb:7c:03:ce:36:30:42:f5:b6:29:6e:ba:0a:be:c7:34:37:10:cc:29:31:56:17:0f:de
Issuing Certificate URL: http://gz.symcb.com/gz.crt
Revocation information
OCSP Server: http://gz.symcd.comCRL Distribution Point: http://gz.symcb.com/gz.crl
Check the revocation status for certificate www.tunero.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.tunero.de
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.tunero.de
tunero.de
tunero.de
Other certificates including the domain name tunero.de
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.tunero.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgICWpYwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UEBhMCVVMx FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xIDAeBgNVBAMTF1JhcGlkU1NMIFNIQTI1 NiBDQSAtIEc0MB4XDTE2MDEyNDE2MTIzOFoXDTE3MDIyNTA1MDQ0MVowGDEWMBQG A1UEAxMNd3d3LnR1bmVyby5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC ggIBAMdyV+J46k7a6EVwBazgwo1pVWoPjKaiGFlas/XB0DTykkbTFOMOSshLUz/u T5cAJzwY+B6RCuUnZccC1lPtb8jn/cZbsIVSDE8LIjKuqCQRv2f9GgG/9dOcRVDK SOKaFJozwWj2jGkD4JoKfTiyTrG1T4tW2yLU5EayspiqC/xVGgeAnu+U5Sek3HIq 83nTgtYOBMbbMhCae8jrzkCm839EUhPAmmHMwtSPoSJARTksSr466D+kWTeT48xV 9nuHun9pn1h4cLDRWss3wJGTkEdURf8NkeLidCNOLmvuh2CcYXV3WziAiWclE66u WAnRJV8VF2kxopDwoR0xbRYM6lTtsPYfbipqsv9VK7g+GKW5/7JyfXiIRDq7HIzM VKBdSu0SCfWuQU24SNgBKK/6f9TYLqRnWNo63h0ztKtGyuv5pEsTjX6O7R2Se0ju b+QesRI95s//EyvlXjmHx7Qd9wtqYqqb4CaAPc5WOx/sxEchIXQsxshIG/Q0k0wT 1o4PNKR2uv3C3zuLuqhmop2qfPSPfHRyG8fbUVVDZnSsIw7iPxSKlY0+cUTLYdcW bHrClsocw79HtaZiJRS5bNIkPT1by0qD4N5l5ffwm6jZw3Cw8OOAqrFEzmhGnCGb ENKlxd1Kj054lIcrKN5eH7Fe7+iUVwkKrylzieyNJXL6QrP7AgMBAAGjggFQMIIB TDAfBgNVHSMEGDAWgBTztVYMxAmwtM8fqvndI1bwd+ih+TBXBggrBgEFBQcBAQRL MEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nei5zeW1jZC5jb20wJgYIKwYBBQUHMAKG Gmh0dHA6Ly9nei5zeW1jYi5jb20vZ3ouY3J0MA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIwYDVR0RBBwwGoINd3d3LnR1bmVy by5kZYIJdHVuZXJvLmRlMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9nei5zeW1j Yi5jb20vZ3ouY3JsMAwGA1UdEwEB/wQCMAAwQQYDVR0gBDowODA2BgZngQwBAgEw LDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29tL2xlZ2FsMA0G CSqGSIb3DQEBCwUAA4IBAQC7RvGEpWPNx809XNe7TnoX866Bj63YxYm92gTOj0HC xjC2f+3MTnZxX00btutAhrrxzV9fcx1vL2uNPXN5d77/9Tmp573CbcOaPKLJH+oI d9RVQQOJ54Fm70LU3R10rX/s4Rz0SDkaUBQK3R7hiR9c/mbElhHki/R27aO2fAR0 eh4kLrpLlDfWPXWQZQrePSLN4cBNmxZXPByeZGlaRaiduif1snRsq+nCBCaskaum 7moC0oJXtysrwzx1ycQyAbmszCvPeSF0YoaruID5mQW79rwfcYGCy8nOovvaUR+M XBtroAcs0mV/pXqMkooRT/J8VzVbu40T0spXNyfs9uPJ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAx3JX4njqTtroRXAFrODC jWlVag+MpqIYWVqz9cHQNPKSRtMU4w5KyEtTP+5PlwAnPBj4HpEK5SdlxwLWU+1v yOf9xluwhVIMTwsiMq6oJBG/Z/0aAb/105xFUMpI4poUmjPBaPaMaQPgmgp9OLJO sbVPi1bbItTkRrKymKoL/FUaB4Ce75TlJ6TccirzedOC1g4ExtsyEJp7yOvOQKbz f0RSE8CaYczC1I+hIkBFOSxKvjroP6RZN5PjzFX2e4e6f2mfWHhwsNFayzfAkZOQ R1RF/w2R4uJ0I04ua+6HYJxhdXdbOICJZyUTrq5YCdElXxUXaTGikPChHTFtFgzq VO2w9h9uKmqy/1UruD4Ypbn/snJ9eIhEOrscjMxUoF1K7RIJ9a5BTbhI2AEor/p/ 1NgupGdY2jreHTO0q0bK6/mkSxONfo7tHZJ7SO5v5B6xEj3mz/8TK+VeOYfHtB33 C2piqpvgJoA9zlY7H+zERyEhdCzGyEgb9DSTTBPWjg80pHa6/cLfO4u6qGainap8 9I98dHIbx9tRVUNmdKwjDuI/FIqVjT5xRMth1xZsesKWyhzDv0e1pmIlFLls0iQ9 PVvLSoPg3mXl9/CbqNnDcLDw44CqsUTOaEacIZsQ0qXF3UqPTniUhyso3l4fsV7v 6JRXCQqvKXOJ7I0lcvpCs/sCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 23190 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-01-24 16:12:38 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-25 05:04:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.tunero.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 813671356892615727458391441599000795511309872542189616335472545418320050728875739286490252001552258188284905897008873919099442107657315889020023829872915106711319542909164086532440760517476048371694185432940735771730287978308840078909798410918635065730056925757432161640531048428561380725092126242309840547112857837022667906713393254815028302485582276425502487471624274839287688535790150822265158957360175356557467990410052450486649318868807503506297209395026298437842354098995903949438891073316381718062633690908678714348848094530489158689465461065018551089578205593448919459474515873012569133126722331571126559365923601957208452771384761883077922744722614746383010299526333923477622746446959770630667883701115402373944292542389754838692808317302331836048135740853401972524095999338924345826440013060709388620882554837315855064535062652946013927642854181937075628760730963448155762701787141103359776197962373745018260904363973667550829349386572394514142521612557961574743927229383455982280918358002932597542901833326144810422104609789023329657605212567769300468705323915900586962834668319390116240695703825172316835680754740413846060366390204982479865645566867412442637546152277253354634579409614087629726129926621588935387455337467 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f3b5560cc409b0b4cf1faaf9dd2356f077e8a1f9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tunero.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tunero.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gz.symcb.com/gz.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bb46f184a563cdc7cd3d5cd7bb4e7a17f3ae818fadd8c589bdda04ce8f41c2c630b67fedcc4e76715f4d1bb6eb4086baf1cd5f5f731d6f2f6b8d3d737977befff539a9e7bdc26dc39a3ca2c91fea0877d455410389e78166ef42d4dd1d74ad7fece11cf448391a50140add1ee1891f5cfe66c49611e48bf476eda3b67c04747a1e242eba4b9437d63d7590650ade3d22cde1c04d9b16573c1c9e64695a45a89dba27f5b2746cabe9c20426ac91aba6ee6a02d28257b72b2bc33c75c9c43201b9accc2bcf7921746286abb880f99905bbf6bc1f718182cbc9cea2fbda511f8c5c1b6ba0072cd2657fa57a8c928a114ff27c57355bbb8d13d2ca573727ecf6e3c9