*.fmfic.com
Issued by RapidSSL SHA256 CA
About this certificate
This digital certificate with serial number 09:4c:e1:fa:ec:e4:e6:fa:e0:e6:38:37:be:e3:a8:1e was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=*.fmfic.com
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:4c:e1:fa:ec:e4:e6:fa:e0:e6:38:37:be:e3:a8:1eSerial Number (int): 12362249945829528124724720018955413534
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 97:c2:27:50:9e:c2:c9:ec:0c:88:32:c8:7c:ad:e2:a6:01:4f:da:6f
Fingerprint (sha1): e3:42:ec:8e:97:bf:0a:7e:07:00:9c:3e:64:2c:0b:76:06:36:4d:1c
Fingerprint (sha256): bb:48:73:4b:a0:41:27:a9:8d:f9:ef:cb:1c:58:8f:21:cc:76:00:ed:ab:92:31:32:36:4d:40:10:56:e8:6c:3c
Issuing Certificate URL: http://gp.symcb.com/gp.crt
Revocation information
OCSP Server: http://gp.symcd.comCRL Distribution Point: http://gp.symcb.com/gp.crl
Check the revocation status for certificate *.fmfic.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.fmfic.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.fmfic.com
fmfic.com
fmfic.com
Other certificates including the domain name fmfic.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.fmfic.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWDCCBUCgAwIBAgIQCUzh+uzk5vrg5jg3vuOoHjANBgkqhkiG9w0BAQsFADBC MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE3MTAyMzAwMDAwMFoXDTIwMTIyMTIzNTk1 OVowFjEUMBIGA1UEAwwLKi5mbWZpYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCPaXFlCMOEJ5wDe7OsrMS0kRXeAQzHdT9FdC4/FqA/U2sPLUfL 5eEFs5FOIrIWq7isIViOnTcjhpI6GZcn2MXtc7dhTOeHaJKhC5lfYgixWINh8TPM TBzF7/8EVH6RwJX5dkX5Y99vVHaoa3kNZ0xaED4mD5zDITEIPmuCQHqecV5L0Oh/ tgknYLjS2eisZBt72XIGZc1SLhd99nANKvhU2XpeAtxk1CXfbfXlrgJYLL/H+lZ6 g8mFcKIx6rFrumhyaATjnUI3sqQFyliGWcVcfgagOWnkgqBa4wJQpsxtwOqihw8G 8uLecN7dB+7LuJgFip14ntybwMm3/U3MljaJAgMBAAGjggN0MIIDcDAhBgNVHREE GjAYggsqLmZtZmljLmNvbYIJZm1maWMuY29tMAkGA1UdEwQCMAAwKwYDVR0fBCQw IjAgoB6gHIYaaHR0cDovL2dwLnN5bWNiLmNvbS9ncC5jcmwwbwYDVR0gBGgwZjBk BgZngQwBAgEwWjAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cucmFwaWRzc2wuY29t L2xlZ2FsMCwGCCsGAQUFBwICMCAMHmh0dHBzOi8vd3d3LnJhcGlkc3NsLmNvbS9s ZWdhbDAfBgNVHSMEGDAWgBSXwidQnsLJ7AyIMsh8reKmAU/abzAOBgNVHQ8BAf8E BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEB BEswSTAfBggrBgEFBQcwAYYTaHR0cDovL2dwLnN5bWNkLmNvbTAmBggrBgEFBQcw AoYaaHR0cDovL2dwLnN5bWNiLmNvbS9ncC5jcnQwggH3BgorBgEEAdZ5AgQCBIIB 5wSCAeMB4QB3AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABX0sI 3h4AAAQDAEgwRgIhAMemSpoBptA79vC852UVrzP/0gMk/Sa0CMLtUaOXC0KtAiEA jSOQ1sEBjpJs6rGcQUxBV9mPcrD7421no3PUkPn4H6IAdgCkuQmQtBhYFIe7E6LM Z3AKPDWYBPkb37jjd80OyA3cEAAAAV9LCN5RAAAEAwBHMEUCIQCqfqSi4hoOP2x3 NVLeC2Ctei3Gwq8YihkJI3TJud4tcAIgfGD4La/BSYvGV1qB6QJLatWmz0eB8ujl +A2Mxg12icQAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAV9L COAQAAAEAwBGMEQCIAhyRtrP3TRsOiFZoPz2N26LUWydo7mA09qEuELmMtKlAiA6 qWg8IF9blkh3CVbnsHmXChA+cLVx1fSZBHImj+h6aAB3ALx44d/F9jxoRkkzTaEP oV8JeWkgCcCBtPP2kX8+2bilAAABX0sI3toAAAQDAEgwRgIhAM0o1f8lfFwn6cU9 6lWVmp4J/ZCcHAW4G+B4nAa02x2DAiEA9ts3RBh+pGTLipPuZ3UxBpMI6jgnK4iV dy4wZV5IgCEwDQYJKoZIhvcNAQELBQADggEBAC1U1kpttpuQkQkatu2wvBi7mAwg QCy6s4fT6KaKOUFEIYHumlOKVLwr0hbshDuNHb9LB2dvn845VQNGdOMXOIwoZgrP 2kPPgbYI1HEUlUCZV5aZK1ByL9EO6qOS0afJkmUJyzPyNjsbbP1lxBN+f77MSUia 6si0JQ9JZbcy9ZGEjRjsRuqid2nH8crPrS2f6ji9dDVnhBXeYEQ4NJZWpZsRElT0 u0154sjvFjT0Y+k7ZyZny3nRh4m+7kQOlUKxkqQzyaEWWBMfaJFemEAmkWXFdYxR /UvqgVMapSdnq61HAX0oOdnbjUAxTdN5HVGTje8Fcy03UvMYtYRbak/Umcc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2lxZQjDhCecA3uzrKzE tJEV3gEMx3U/RXQuPxagP1NrDy1Hy+XhBbORTiKyFqu4rCFYjp03I4aSOhmXJ9jF 7XO3YUznh2iSoQuZX2IIsViDYfEzzEwcxe//BFR+kcCV+XZF+WPfb1R2qGt5DWdM WhA+Jg+cwyExCD5rgkB6nnFeS9Dof7YJJ2C40tnorGQbe9lyBmXNUi4XffZwDSr4 VNl6XgLcZNQl32315a4CWCy/x/pWeoPJhXCiMeqxa7pocmgE451CN7KkBcpYhlnF XH4GoDlp5IKgWuMCUKbMbcDqoocPBvLi3nDe3Qfuy7iYBYqdeJ7cm8DJt/1NzJY2 iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12362249945829528124724720018955413534 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.fmfic.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18104073465672905294214891307898404584582818919169346476438877452799700523206290559144340459088111619404535001717518170889764307775957870583064013288112572219171022088431265444496409537453900654426701545138786944852548592958763488604568947446721125622532858186930141303130131148993445685289398942851131087790693243887102402369656590325474886172446555541348557132560553008849604097340109655302213499781252812563282117841920032818138205273659560698917919350584588350136735788409644601633236243781892059302520549807288208993543291158633519437317338266352762907176606966748097058408182922690445818263469825752972968474249 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fmfic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fmfic.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcb.com/gp.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 97c227509ec2c9ec0c8832c87cade2a6014fda6f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcb.com/gp.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e1007700ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015f4b08de1e0000040300483046022100c7a64a9a01a6d03bf6f0bce76515af33ffd20324fd26b408c2ed51a3970b42ad0221008d2390d6c1018e926ceab19c414c4157d98f72b0fbe36d67a373d490f9f81fa2007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015f4b08de510000040300473045022100aa7ea4a2e21a0e3f6c773552de0b60ad7a2dc6c2af188a19092374c9b9de2d7002207c60f82dafc1498bc6575a81e9024b6ad5a6cf4781f2e8e5f80d8cc60d7689c4007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015f4b08e01000000403004630440220087246dacfdd346c3a2159a0fcf6376e8b516c9da3b980d3da84b842e632d2a502203aa9683c205f5b9648770956e7b079970a103e70b571d5f4990472268fe87a68007700bc78e1dfc5f63c684649334da10fa15f0979692009c081b4f3f6917f3ed9b8a50000015f4b08deda0000040300483046022100cd28d5ff257c5c27e9c53dea55959a9e09fd909c1c05b81be0789c06b4db1d83022100f6db3744187ea464cb8a93ee677531069308ea38272b8895772e30655e488021 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002d54d64a6db69b9091091ab6edb0bc18bb980c20402cbab387d3e8a68a3941442181ee9a538a54bc2bd216ec843b8d1dbf4b07676f9fce3955034674e317388c28660acfda43cf81b608d471149540995796992b50722fd10eeaa392d1a7c9926509cb33f2363b1b6cfd65c4137e7fbecc49489aeac8b4250f4965b732f591848d18ec46eaa27769c7f1cacfad2d9fea38bd7435678415de604438349656a59b111254f4bb4d79e2c8ef1634f463e93b672667cb79d18789beee440e9542b192a433c9a11658131f68915e9840269165c5758c51fd4bea81531aa52767abad47017d2839d9db8d40314dd3791d51938def05732d3752f318b5845b6a4fd499c7