test.dragonstale.net
Issued by Gandi Standard SSL CA 2
About this certificate
This digital certificate with serial number bb:57:23:af:d9:55:f7:30:ee:e7:23:a6:8d:56:a7:2a was issued on by Gandi.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage contains an inefficient encoding wherein the number of 'unused bits' is declared to be 5, but it should be 7. Raw Bytes: [3 2 5 128], Raw Binary: [00000011 00000010 00000101 10000000] RFC 5280 Section 4.2.1.3 describes the value of a KeyUsage to be a DER encoded BitString, which itself defines that all trailing 0 bits be counted as being "unused". (Where ITU-T Rec. X.680 | ISO/IEC 8824-1, 21.7, applies, the bitstring shall have all trailing 0 bits removed before it is encoded.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=test.dragonstale.net
Gandi
Organization:
Gandi
State / Province:
Paris
Locality: Paris
Country: FR
Locality: Paris
Country: FR
This certificate has expire since
Certificate Details
Serial Number (hex): bb:57:23:af:d9:55:f7:30:ee:e7:23:a6:8d:56:a7:2aSerial Number (int): 249018088854998539194496865509496497962
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: dc:59:26:3d:36:13:b7:62:3a:e4:3a:ab:11:1d:f3:e3:59:91:2d:93
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea
Fingerprint (sha1): 94:bd:5f:b2:19:28:a6:37:62:1d:33:e5:fa:79:58:19:73:79:2b:f0
Fingerprint (sha256): ba:d6:75:e2:4f:20:c5:67:17:50:25:31:8b:a6:83:38:bd:65:84:7a:c3:11:60:bd:5f:55:18:9d:b7:82:e0:9c
Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl
Check the revocation status for certificate test.dragonstale.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for test.dragonstale.net
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
test.dragonstale.net
Other certificates including the domain name dragonstale.net
(limited to 100 certificates)
addi.dragonstale.net
test.dragonstale.net
addi.dragonstale.net
games.dragonstale.net
home.dragonstale.net
addi.dragonstale.net
home.dragonstale.net
portal.dragonstale.net
test.dragonstale.net
test.dragonstale.net
test.dragonstale.net
home.dragonstale.net
addi.dragonstale.net
test.dragonstale.net
test.dragonstale.net
addi.dragonstale.net
home.dragonstale.net
addi.dragonstale.net
games.dragonstale.net
test.dragonstale.net
addi.dragonstale.net
games.dragonstale.net
home.dragonstale.net
addi.dragonstale.net
home.dragonstale.net
portal.dragonstale.net
test.dragonstale.net
test.dragonstale.net
test.dragonstale.net
home.dragonstale.net
addi.dragonstale.net
test.dragonstale.net
test.dragonstale.net
addi.dragonstale.net
home.dragonstale.net
addi.dragonstale.net
games.dragonstale.net
Certificate
The complete raw certificate details for test.dragonstale.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgIRALtXI6/ZVfcw7ucjpo1WpyowDQYJKoZIhvcNAQELBQAw XzELMAkGA1UEBhMCRlIxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEO MAwGA1UEChMFR2FuZGkxIDAeBgNVBAMTF0dhbmRpIFN0YW5kYXJkIFNTTCBDQSAy MB4XDTIxMTIwMzAwMDAwMFoXDTIzMDEwMjIzNTk1OVowHzEdMBsGA1UEAxMUdGVz dC5kcmFnb25zdGFsZS5uZXQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR7vXwS Gt01aL7ies9pHgqo/JUXEWMTVzfs5g7zQfmCttPQtU/jp7CyZ2IH32A/iudlrTgc 4Ebk6225SJt1giM7o4IDKDCCAyQwHwYDVR0jBBgwFoAUs5Cn2MmvTs1hPJ98rV1/ Qf1pMOowHQYDVR0OBBYEFNxZJj02E7diOuQ6qxEd8+NZkS2TMA4GA1UdDwEB/wQE AwIFgDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjBLBgNVHSAERDBCMDYGCysGAQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEWGWh0dHBz Oi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgwNqA0oDKG MGh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNy bDBzBggrBgEFBQcBAQRnMGUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQudXNlcnRy dXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0 cDovL29jc3AudXNlcnRydXN0LmNvbTAfBgNVHREEGDAWghR0ZXN0LmRyYWdvbnN0 YWxlLm5ldDCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUArfe++nz/EMiLnT2c Hj4YarRnKV3PsQwkyoWGNOvcgooAAAF9fatSgwAABAMARjBEAiAOc2VzZkO8vdG0 lFRusMV0zdTQsuM/AiDj6CXX+yZoaQIgOn8upL6NizcVIPcsE7AJuQnyCE7zLpl8 7ZdERKXUhh0AdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAX19 q1IyAAAEAwBHMEUCIH+6gbPjqcwiALpvoRF7qoDwEt1FFXjGqJ4PbAERScFPAiEA 6Qjc/LC0kkv4wZVv5wNowBgpqDC7oWAPCqsZHgoWhQAAdgDoPtDaPvUGNTLnVyi8 iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX19q1IEAAAEAwBHMEUCIQD0nJeqORbJvH0a douEuYIIBPC6zZrHtNm+MYP3ZbhqpQIgWpW8mmhe5QjfPRSunRakNML5K0O+OXkK csd2d+Mq7JIwDQYJKoZIhvcNAQELBQADggEBAEteYkfkj2HNgFwSI9Sh4eTsdwsh 8XxgL6uJe8f3tgSIm3IdgN8twDYok238D4+X5C1iMV0Hb9acxCNMwys73+YkB0Fi 1Q8Acv7ZJipO7dJiwRvrJZVPiwpMDMs4PyjBen0GvshBx9ZXRBbXx/q7JAVxBVwd 7VwniUXaIFkkrwMTbC1MWs0Vq9KREB1q3diJ60irnaIjjWH7gG8oXPRVKpm5eGG3 wrluHQsduObviMOFB6ONYQ3kHTSAGjLLYBGVGK5NtU+otUViji4DP552t4gdav0H qBepnJTqFmxZmAnyRyo5U4LUkGR+7A/GEFAE5lDFEavKBeCIyagwgtJQd5I= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEe718EhrdNWi+4nrPaR4KqPyVFxFj E1c37OYO80H5grbT0LVP46ewsmdiB99gP4rnZa04HOBG5OttuUibdYIjOw== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 249018088854998539194496865509496497962 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test.dragonstale.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 00047bbd7c121add3568bee27acf691e0aa8fc95171163135737ece60ef341f982b6d3d0b54fe3a7b0b2676207df603f8ae765ad381ce046e4eb6db9489b7582233b . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dc59263d3613b7623ae43aab111df3e359912d93 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 0580 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.dragonstale.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000017d7dab5283000004030046304402200e7365736643bcbdd1b494546eb0c574cdd4d0b2e33f0220e3e825d7fb26686902203a7f2ea4be8d8b371520f72c13b009b909f2084ef32e997ced974444a5d4861d0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000017d7dab5232000004030047304502207fba81b3e3a9cc2200ba6fa1117baa80f012dd451578c6a89e0f6c011149c14f022100e908dcfcb0b4924bf8c1956fe70368c01829a830bba1600f0aab191e0a168500007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017d7dab52040000040300473045022100f49c97aa3916c9bc7d1a768b84b9820804f0bacd9ac7b4d9be3183f765b86aa502205a95bc9a685ee508df3d14ae9d16a434c2f92b43be39790a72c77677e32aec92 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004b5e6247e48f61cd805c1223d4a1e1e4ec770b21f17c602fab897bc7f7b604889b721d80df2dc03628936dfc0f8f97e42d62315d076fd69cc4234cc32b3bdfe624074162d50f0072fed9262a4eedd262c11beb25954f8b0a4c0ccb383f28c17a7d06bec841c7d6574416d7c7fabb240571055c1ded5c278945da205924af03136c2d4c5acd15abd291101d6addd889eb48ab9da2238d61fb806f285cf4552a99b97861b7c2b96e1d0b1db8e6ef88c38507a38d610de41d34801a32cb60119518ae4db54fa8b545628e2e033f9e76b7881d6afd07a817a99c94ea166c599809f2472a395382d490647eec0fc6105004e650c511abca05e088c9a83082d2507792