*.okfn.org

Issued by Gandi Standard SSL CA

About this certificate


This digital certificate with serial number 76:a8:b9:c2:f8:a5:6c:fa:0a:8f:a3:46:f7:0a:76:aa was issued on by GANDI SAS .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • WARNING: Using depricated TeletexString for '[*.okfn.org]'

*.okfn.org

Organization unit: Domain Control Validated
Organization unit: Gandi Standard Wildcard SSL

GANDI SAS

Organization: GANDI SAS

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 76:a8:b9:c2:f8:a5:6c:fa:0a:8f:a3:46:f7:0a:76:aa
Serial Number (int): 157724977067846397194509445479283717802
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 96:cb:c7:29:00:9b:c7:91:0f:f8:c1:ca:e1:fd:f2:9a:8b:c7:0c:3d
AuthorityKeyId: b6:a8:ff:a2:a8:2f:d0:a6:cd:4b:b1:68:f3:e7:50:10:31:a7:79:21

Fingerprint (sha1): 2e:59:4b:30:2d:b4:63:09:47:86:10:ca:72:ee:23:9c:94:45:6f:69
Fingerprint (sha256): b8:05:bd:e0:88:e2:80:05:a6:c3:9e:bc:6a:f6:8c:5d:00:70:e0:c9:9e:8f:4d:5d:3e:69:2b:1a:2d:d3:8b:86

Issuing Certificate URL: http://crt.gandi.net/GandiStandardSSLCA.crt

Revocation information

OCSP Server: http://ocsp.gandi.net
CRL Distribution Point: http://crl.gandi.net/GandiStandardSSLCA.crl

Check the revocation status for the current certificate on *.okfn.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

*.okfn.org
okfn.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIF2TCCBMGgAwIBAgIQdqi5wvilbPoKj6NG9wp2qjANBgkqhkiG9w0BAQUFADBB MQswCQYDVQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5k aSBTdGFuZGFyZCBTU0wgQ0EwHhcNMTQwNjI1MDAwMDAwWhcNMTYwNjI1MjM1OTU5 WjBeMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxJDAiBgNVBAsT G0dhbmRpIFN0YW5kYXJkIFdpbGRjYXJkIFNTTDETMBEGA1UEAxQKKi5va2ZuLm9y ZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOI5Utb7WXo9uO1TZ+vl PSbLm3Zhw79y8L5+H8uJ/cQ6L+Wt25Su4u4H/7Tki/RM4djEbrEKLPjOZpGe5LO6 10szGCn2Bnw0VXHuDClbOYn2x2QVxRi9o40gLqB4TXlpqU50ADaJrxBHu2QQrEDB MJmqTSa4eNNrsl7IiTJGpwRsQinb7px+DhQVsOrufM59s873kNfd16RBCumhj7wQ 2WEbf3Bt/9IVqloZcmxdZ1gGp7xt5EkrcLBypuBZPJOozJD5Hots80up1IO7vID+ l0bGrLicvBjCW7eCXUGHzICj9ZPAEzs8SsxrT2lizdyGnq/ko+kf++iad7qb8XvQ 164iaSEy987txIyoplWcGrsT7vkL+KwoRy8RqEJzRnh5CYtDvgo7h7uGpZUhZBM6 jbQWb3M4xSnvE7GP3IWjtED8K46rmGGzO0slVo4TsBE/2rJq+NYd4tXPLgnMrJJA KkNDShJxXXYVSipxdpKGSO3ew9H4itq+sEAgZYQaN6UUy8L88shNDh3kk1afFqwi U86fXTxHBBh+y7ZR70ex8s3HSvoAISROFxUV7bebqw+y7PCFez5jFw67xs2wZbrG FsE2//eG84BApuZrql1UvmmmJCvbjVzb/liUCrxi6tTuHO5/Gg1RzNzSWPLKR54c TJpX3DbFBD1jv9vz8fjt8JDFAgMBAAGjggGuMIIBqjAfBgNVHSMEGDAWgBS2qP+i qC/Qps1LsWjz51AQMad5ITAdBgNVHQ4EFgQUlsvHKQCbx5EP+MHK4f3ymovHDD0w DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMGAGA1UdIARZMFcwSwYLKwYBBAGyMQECAhowPDA6BggrBgEF BQcCARYuaHR0cDovL3d3dy5nYW5kaS5uZXQvY29udHJhY3RzL2ZyL3NzbC9jcHMv cGRmLzAIBgZngQwBAgEwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5nYW5k aS5uZXQvR2FuZGlTdGFuZGFyZFNTTENBLmNybDBqBggrBgEFBQcBAQReMFwwNwYI KwYBBQUHMAKGK2h0dHA6Ly9jcnQuZ2FuZGkubmV0L0dhbmRpU3RhbmRhcmRTU0xD QS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmdhbmRpLm5ldDAfBgNVHREE GDAWggoqLm9rZm4ub3Jngghva2ZuLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAnttr AtwpzPPlGx8oi7yR7FzgXrEtp7RYg06Llfp9sQfaT3rCMmbPv3gxKAyXfz3MwhcH GQDs85TDDPBIk/huXh4tEgl1ZvRMap80FcLeXXAFbmmAo5U5l5KoykEnalb7g+pd gWRoX6WX92gUb1pSZcvo1659XReaFB9CcNKVxlLASaTpcVxcrUWsxEF/FcIwE4a2 uwCZRaW4hW1/ljFZd1OJtZuODd9ykRx4mWlFfhEJFvRblhb6T2sOmDpznWIi5R7m VDpNoJM2JciSypqAXXLUtKJ2QwRGEZzfMHz49SqcXX4uKA5mVbBLkkB7MhVP0sTI pVpiSgE1P30c290GhQ== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4jlS1vtZej247VNn6+U9 JsubdmHDv3Lwvn4fy4n9xDov5a3blK7i7gf/tOSL9Ezh2MRusQos+M5mkZ7ks7rX SzMYKfYGfDRVce4MKVs5ifbHZBXFGL2jjSAuoHhNeWmpTnQANomvEEe7ZBCsQMEw mapNJrh402uyXsiJMkanBGxCKdvunH4OFBWw6u58zn2zzveQ193XpEEK6aGPvBDZ YRt/cG3/0hWqWhlybF1nWAanvG3kSStwsHKm4Fk8k6jMkPkei2zzS6nUg7u8gP6X RsasuJy8GMJbt4JdQYfMgKP1k8ATOzxKzGtPaWLN3Iaer+Sj6R/76Jp3upvxe9DX riJpITL3zu3EjKimVZwauxPu+Qv4rChHLxGoQnNGeHkJi0O+CjuHu4allSFkEzqN tBZvczjFKe8TsY/chaO0QPwrjquYYbM7SyVWjhOwET/asmr41h3i1c8uCcyskkAq Q0NKEnFddhVKKnF2koZI7d7D0fiK2r6wQCBlhBo3pRTLwvzyyE0OHeSTVp8WrCJT zp9dPEcEGH7LtlHvR7HyzcdK+gAhJE4XFRXtt5urD7Ls8IV7PmMXDrvGzbBlusYW wTb/94bzgECm5muqXVS+aaYkK9uNXNv+WJQKvGLq1O4c7n8aDVHM3NJY8spHnhxM mlfcNsUEPWO/2/Px+O3wkMUCAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 157724977067846397194509445479283717802 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GANDI SAS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-06-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-06-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard Wildcard SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '*.okfn.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 922913074433403888602521009171624149839097732928367974765499565345163651602135098205411819505537344760056086087627869945031038626674780914547844349246068307208431550197595387450173666174457626116026326393005190113147827484010381951236821857412394454244727263185027308222238580519491950726986701779345759585664648788243258461991179018946314810873580698020017936107467686054809217377706931180864312766001147233943534872314605010538897158392104197068582471042695192742639979577624470400861480510450252745536330655581431383498659935825216019778358771363484699947737937164833604541046571152882253434805290809274458543944748452141354412230569265440153967266659483756110746407175145425859874929839168534429917098984593071094223394094441996838295966383700258244115201072868036024669444194649854901015174005125275397784470509592059281235461047354553425592611117935433423302992564943588723305454465733559414574220802203574172374932712367028639615252164586579381456459500301067866638786700116742117542742899107446295186855915070378557883840885539846184926953767979951206790008496953425520813223011544016009216699464395357971482534892626592031186286658741127119559295578859258932774588262978474464365335769039179075016856194963326462903500968133 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b6a8ffa2a82fd0a6cd4bb168f3e7501031a77921 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 96cbc729009bc7910ff8c1cae1fdf29a8bc70c3d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.gandi.net/contracts/fr/ssl/cps/pdf/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.gandi.net/GandiStandardSSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.gandi.net/GandiStandardSSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.gandi.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.okfn.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'okfn.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009edb6b02dc29ccf3e51b1f288bbc91ec5ce05eb12da7b458834e8b95fa7db107da4f7ac23266cfbf7831280c977f3dccc217071900ecf394c30cf04893f86e5e1e2d12097566f44c6a9f3415c2de5d70056e6980a395399792a8ca41276a56fb83ea5d8164685fa597f768146f5a5265cbe8d7ae7d5d179a141f4270d295c652c049a4e9715c5cad45acc4417f15c2301386b6bb009945a5b8856d7f963159775389b59b8e0ddf72911c789969457e110916f45b9616fa4f6b0e983a739d6222e51ee6543a4da0933625c892ca9a805d72d4b4a276430446119cdf307cf8f52a9c5d7e2e280e6655b04b92407b32154fd2c4c8a55a624a01353f7d1cdbdd0685