rain.org

Issued by ZeroSSL ECC Domain Secure Site CA

About this certificate

This digital certificate with serial number 33:03:a7:e9:37:d0:7b:a8:7c:7a:c0:a2:7d:53:be:92 was issued on by ZeroSSL.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=rain.org

ZeroSSL

Organization: ZeroSSL
Country: AT

This certificate has expire since

Certificate Details

Serial Number (hex): 33:03:a7:e9:37:d0:7b:a8:7c:7a:c0:a2:7d:53:be:92
Serial Number (int): 67809610315445705723285122459739864722
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 95:a8:65:c3:16:0a:56:da:92:74:2f:ee:4a:07:a8:cd:7b:8e:14:79
AuthorityKeyId: 0f:6b:e6:4b:ce:39:47:ae:f6:7e:90:1e:79:f0:30:91:92:c8:5f:a3

Fingerprint (sha1): 10:56:62:da:83:60:68:72:7c:fc:b8:03:e9:26:11:b6:2c:cb:b7:36
Fingerprint (sha256): b7:d8:5e:d8:97:b9:78:4d:56:c8:f0:9a:fe:69:b7:45:58:6f:ec:85:ca:55:f9:3c:a7:da:6e:88:a5:cd:6a:0b

Issuing Certificate URL: http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt

Revocation information

OCSP Server: http://zerossl.ocsp.sectigo.com

Check the revocation status for certificate rain.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rain.org

Public Key Algorithm

ECDSA

Key Size

384

Signature Algorithm

ECDSA with SHA384

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rain.org

Other certificates including the domain name rain.org

(limited to 100 certificates)
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org
rain.org
rain.org
mail.secure.rain.org
mail.secure.rain.org
mail.secure.rain.org
rain.org
mail.secure.rain.org

Certificate

The complete raw certificate details for rain.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEETCCA5agAwIBAgIQMwOn6TfQe6h8esCifVO+kjAKBggqhkjOPQQDAzBLMQsw
CQYDVQQGEwJBVDEQMA4GA1UEChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBF
Q0MgRG9tYWluIFNlY3VyZSBTaXRlIENBMB4XDTIzMTIyMzAwMDAwMFoXDTI0MDMy
MjIzNTk1OVowEzERMA8GA1UEAxMIcmFpbi5vcmcwdjAQBgcqhkjOPQIBBgUrgQQA
IgNiAATlAWXnweyzLprsecZAYfyP3cNPxv2rPx83O/GsUCaeadHsIc+K9sOaelY4
93E7p79AXcve5u+ajkMyaRfRMypyZb0sodFCsJjKwU6e64nSnWM50o7S83lXQv8E
8HPG9HmjggJ1MIICcTAfBgNVHSMEGDAWgBQPa+ZLzjlHrvZ+kB558DCRkshfozAd
BgNVHQ4EFgQUlahlwxYKVtqSdC/uSgeozXuOFHkwDgYDVR0PAQH/BAQDAgeAMAwG
A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1Ud
IARCMEAwNAYLKwYBBAGyMQECAk4wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0
aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGIBggrBgEFBQcBAQR8MHowSwYIKwYBBQUH
MAKGP2h0dHA6Ly96ZXJvc3NsLmNydC5zZWN0aWdvLmNvbS9aZXJvU1NMRUNDRG9t
YWluU2VjdXJlU2l0ZUNBLmNydDArBggrBgEFBQcwAYYfaHR0cDovL3plcm9zc2wu
b2NzcC5zZWN0aWdvLmNvbTCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AHb/iD8K
tvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjJiSh2sAAAQDAEgwRgIhAObU
Xj/OCC1gpe1AMV683NWXsFqoVGMXIwE2EJV/JwLpAiEAyVVnvtp5Ef2xnwdMEjjU
3UV8wbgpsioXWr/zhDvCqaEAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv
4frUFwAAAYyYkodPAAAEAwBHMEUCID6pQGf4NtNhf2dolyfENe7QPaEmP4XP6EjN
k+Dw2QLVAiEA4Av8cOjGiohBzk46aibaK/sNgPsGVFUj8OdTDKJtDv8wEwYDVR0R
BAwwCoIIcmFpbi5vcmcwCgYIKoZIzj0EAwMDaQAwZgIxANfeAWuB+KrSKSzz37hw
FtxVisarOVl5WsZr1Z3pqpnb7Ffqnc08jGZIRX6a7VxDUgIxAI3NjQNmU9C7VAae
Z9LiiR9P7147aT6eBMqpdQ+sFVFCoeFP8yLc6ARNhOypwqmIpg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE5QFl58Hssy6a7HnGQGH8j93DT8b9qz8f
NzvxrFAmnmnR7CHPivbDmnpWOPdxO6e/QF3L3ubvmo5DMmkX0TMqcmW9LKHRQrCY
ysFOnuuJ0p1jOdKO0vN5V0L/BPBzxvR5
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 67809610315445705723285122459739864722
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'AT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZeroSSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ZeroSSL ECC Domain Secure Site CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rain.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.132.0.34 (secp384r1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (776 bits)
				0004e50165e7c1ecb32e9aec79c64061fc8fddc34fc6fdab3f1f373bf1ac50269e69d1ec21cf8af6c39a7a5638f7713ba7bf405dcbdee6ef9a8e43326917d1332a7265bd2ca1d142b098cac14e9eeb89d29d6339d28ed2f3795742ff04f073c6f479
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f6be64bce3947aef67e901e79f0309192c85fa3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							95a865c3160a56da92742fee4a07a8cd7b8e1479
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.78
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://zerossl.ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c9892876b0000040300483046022100e6d45e3fce082d60a5ed40315ebcdcd597b05aa854631723013610957f2702e9022100c95567beda7911fdb19f074c1238d4dd457cc1b829b22a175abff3843bc2a9a10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c9892874f000004030047304502203ea94067f836d3617f67689727c435eed03da1263f85cfe848cd93e0f0d902d5022100e00bfc70e8c68a8841ce4e3a6a26da2bfb0d80fb06545523f0e7530ca26d0eff
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rain.org'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.4.3.3 (ecdsaWithSHA384)
 . . . . [c:0|t:3|false] BIT STRING (832 bits)
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 33225004348385011406944106377340085798363328770070879944242319619117309232688809792789051043191814895694298627195730
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21825468915795018256056270286752508479267632844360325961769238799932942353026441604433173092426992237659780949837990