rain.org
Issued by ZeroSSL ECC Domain Secure Site CA
About this certificate
This digital certificate with serial number 33:03:a7:e9:37:d0:7b:a8:7c:7a:c0:a2:7d:53:be:92 was issued on by ZeroSSL.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=rain.org
ZeroSSL
Organization:
ZeroSSL
Country:
AT
This certificate has expire since
Certificate Details
Serial Number (hex): 33:03:a7:e9:37:d0:7b:a8:7c:7a:c0:a2:7d:53:be:92Serial Number (int): 67809610315445705723285122459739864722
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 95:a8:65:c3:16:0a:56:da:92:74:2f:ee:4a:07:a8:cd:7b:8e:14:79
AuthorityKeyId: 0f:6b:e6:4b:ce:39:47:ae:f6:7e:90:1e:79:f0:30:91:92:c8:5f:a3
Fingerprint (sha1): 10:56:62:da:83:60:68:72:7c:fc:b8:03:e9:26:11:b6:2c:cb:b7:36
Fingerprint (sha256): b7:d8:5e:d8:97:b9:78:4d:56:c8:f0:9a:fe:69:b7:45:58:6f:ec:85:ca:55:f9:3c:a7:da:6e:88:a5:cd:6a:0b
Issuing Certificate URL: http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt
Revocation information
OCSP Server: http://zerossl.ocsp.sectigo.comCheck the revocation status for certificate rain.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rain.org
Public Key Algorithm
ECDSA
Key Size
384
Signature Algorithm
ECDSA with SHA384
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rain.org
Other certificates including the domain name rain.org
(limited to 100 certificates)
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
Certificate
The complete raw certificate details for rain.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEETCCA5agAwIBAgIQMwOn6TfQe6h8esCifVO+kjAKBggqhkjOPQQDAzBLMQsw CQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBF Q0MgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIzMTIyMzAwMDAwMFoXDTI0MDMy MjIzNTk1OVowEzERMA8GA1UEAxMIcmFpbi5vcmcwdjAQBgcqhkjOPQIBBgUrgQQA IgNiAATlAWXnweyzLprsecZAYfyP3cNPxv2rPx83O/GsUCaeadHsIc+K9sOaelY4 93E7p79AXcve5u+ajkMyaRfRMypyZb0sodFCsJjKwU6e64nSnWM50o7S83lXQv8E 8HPG9HmjggJ1MIICcTAfBgNVHSMEGDAWgBQPa+ZLzjlHrvZ+kB558DCRkshfozAd BgNVHQ4EFgQUlahlwxYKVtqSdC/uSgeozXuOFHkwDgYDVR0PAQH/BAQDAgeAMAwG A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1Ud IARCMEAwNAYLKwYBBAGyMQECAk4wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0 aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGIBggrBgEFBQcBAQR8MHowSwYIKwYBBQUH MAKGP2h0dHA6Ly96ZXJvc3NsLmNydC5zZWN0aWdvLmNvbS9aZXJvU1NMRUNDRG9t YWluU2VjdXJlU2l0ZUNBLmNydDArBggrBgEFBQcwAYYfaHR0cDovL3plcm9zc2wu b2NzcC5zZWN0aWdvLmNvbTCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AHb/iD8K tvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjJiSh2sAAAQDAEgwRgIhAObU Xj/OCC1gpe1AMV683NWXsFqoVGMXIwE2EJV/JwLpAiEAyVVnvtp5Ef2xnwdMEjjU 3UV8wbgpsioXWr/zhDvCqaEAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv 4frUFwAAAYyYkodPAAAEAwBHMEUCID6pQGf4NtNhf2dolyfENe7QPaEmP4XP6EjN k+Dw2QLVAiEA4Av8cOjGiohBzk46aibaK/sNgPsGVFUj8OdTDKJtDv8wEwYDVR0R BAwwCoIIcmFpbi5vcmcwCgYIKoZIzj0EAwMDaQAwZgIxANfeAWuB+KrSKSzz37hw FtxVisarOVl5WsZr1Z3pqpnb7Ffqnc08jGZIRX6a7VxDUgIxAI3NjQNmU9C7VAae Z9LiiR9P7147aT6eBMqpdQ+sFVFCoeFP8yLc6ARNhOypwqmIpg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE5QFl58Hssy6a7HnGQGH8j93DT8b9qz8f NzvxrFAmnmnR7CHPivbDmnpWOPdxO6e/QF3L3ubvmo5DMmkX0TMqcmW9LKHRQrCY ysFOnuuJ0p1jOdKO0vN5V0L/BPBzxvR5 -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 67809610315445705723285122459739864722 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384) . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZeroSSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZeroSSL ECC Domain Secure Site CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rain.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.132.0.34 (secp384r1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (776 bits) 0004e50165e7c1ecb32e9aec79c64061fc8fddc34fc6fdab3f1f373bf1ac50269e69d1ec21cf8af6c39a7a5638f7713ba7bf405dcbdee6ef9a8e43326917d1332a7265bd2ca1d142b098cac14e9eeb89d29d6339d28ed2f3795742ff04f073c6f479 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f6be64bce3947aef67e901e79f0309192c85fa3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 95a865c3160a56da92742fee4a07a8cd7b8e1479 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.78 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://zerossl.ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c9892876b0000040300483046022100e6d45e3fce082d60a5ed40315ebcdcd597b05aa854631723013610957f2702e9022100c95567beda7911fdb19f074c1238d4dd457cc1b829b22a175abff3843bc2a9a10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c9892874f000004030047304502203ea94067f836d3617f67689727c435eed03da1263f85cfe848cd93e0f0d902d5022100e00bfc70e8c68a8841ce4e3a6a26da2bfb0d80fb06545523f0e7530ca26d0eff . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rain.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384) . . . . [c:0|t:3|false] BIT STRING (832 bits) . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:2|false] INTEGER 33225004348385011406944106377340085798363328770070879944242319619117309232688809792789051043191814895694298627195730 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21825468915795018256056270286752508479267632844360325961769238799932942353026441604433173092426992237659780949837990