kyerenue.surfnet.ca
Issued by SSL.com RSA SSL subCA
About this certificate
This digital certificate with serial number 20:15:c0:e5:b2:bd:5d:80:43:0a:ef:34:63:f0:84:b1 was issued on by SSL Corporation.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kyerenue.surfnet.ca
SSL Corporation
Organization:
SSL Corporation
State / Province:
Texas
Locality: Houston
Country: US
Locality: Houston
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 20:15:c0:e5:b2:bd:5d:80:43:0a:ef:34:63:f0:84:b1Serial Number (int): 42648246520356916474579345163156489393
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: fa:4e:b9:e5:78:26:7e:5f:e8:88:f1:3b:c6:39:73:a6:b7:11:7b:cf
AuthorityKeyId: 26:14:7e:e0:dc:d7:a6:f7:e2:d4:04:27:df:61:f1:c2:ec:e7:32:ca
Fingerprint (sha1): 05:31:ab:36:12:c7:96:38:14:e2:f5:56:5c:56:c8:a2:c4:9d:36:d7
Fingerprint (sha256): c0:3b:ae:13:e1:8a:41:49:d3:1c:8d:26:ff:c5:d8:66:9a:6e:86:92:61:fe:3a:9f:3e:76:3d:90:06:c4:07:f7
Issuing Certificate URL: http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer
Revocation information
OCSP Server: http://ocsps.ssl.comCRL Distribution Point: http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl
Check the revocation status for certificate kyerenue.surfnet.ca
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kyerenue.surfnet.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kyerenue.surfnet.ca
Other certificates including the domain name surfnet.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for kyerenue.surfnet.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF1zCCA7+gAwIBAgIQIBXA5bK9XYBDCu80Y/CEsTANBgkqhkiG9w0BAQsFADBp MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg U1NMIHN1YkNBMB4XDTIzMDEyNTA5MDU1OFoXDTIzMDUwOTA5MDU1MlowHjEcMBoG A1UEAwwTa3llcmVudWUuc3VyZm5ldC5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALZWNcsWk7dabcMplSgaTu7tNu1UV5MQBVpsQS9PmL/3JvHpfY6u lMcBCQZgiNqByaKCqwB3+MPZHTKc5pKl5aJ4exCIeExScfQAXArRwhBt48YWPORz D+630qnUibtjo1MFw1Ol+G7FVJiT7HbzSVLz/Px7fOXZKb86MTKCBteMIB/kfjyV ggpgMrKZHlwz4zjMC23icI31thB5PacxzsuK8Lp8Btoofszb0UxkseGzOgdCbFAN KfCgcAELOA2ndqlgI7KpUGCqOehxyw40/EuzRU4bzFt6/VEGzSaoBw/GQRL6hyDU KpiSk8aFgT3for5+Bfzaf0ry0gC32adm48UCAwEAAaOCAcQwggHAMAwGA1UdEwEB /wQCMAAwHwYDVR0jBBgwFoAUJhR+4NzXpvfi1AQn32HxwuznMsowcgYIKwYBBQUH AQEEZjBkMEAGCCsGAQUFBzAChjRodHRwOi8vY2VydC5zc2wuY29tL1NTTGNvbS1T dWJDQS1TU0wtUlNBLTQwOTYtUjEuY2VyMCAGCCsGAQUFBzABhhRodHRwOi8vb2Nz cHMuc3NsLmNvbTAeBgNVHREEFzAVghNreWVyZW51ZS5zdXJmbmV0LmNhMFEGA1Ud IARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkwAQMBATAsMCoGCCsGAQUFBwIBFh5o dHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUH AwIGCCsGAQUFBwMBMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmxzLnNzbC5j b20vU1NMY29tLVN1YkNBLVNTTC1SU0EtNDA5Ni1SMS5jcmwwHQYDVR0OBBYEFPpO ueV4Jn5f6IjxO8Y5c6a3EXvPMA4GA1UdDwEB/wQEAwIFoDATBgorBgEEAdZ5AgQD AQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAgEAaN5ChjdFWkRs6jKf6Qgdk3NV2din bCE82aKVJUHgJ7D76FkHd6yhba3JzLh6Hz2QHO5XdieVtDB8eaKKt8a9IQgaJn+F M2zTWpihYPPDTY62vFvHfcVqtEwheKADTaerRTmsvzGpTZnohsYPnlUIjcAWTUFh btRxhZVFTigkiP/rYHMzrUD+/ubv7m70iswASuvpcng5bOZxqUQB2lCz5wMm8PUj DFC5XwyKdYNBwLsiOX9ZiAdCFQVtPbrbCcsMrd7lglvhniMLsOJCQ5lN3R7WiFfY DibyWJQ5tRS/9Ta+BX0msx4+sjJH35axo3a5xDO3bg7cwGQjhl344DFV/eoGHudp 4IXDmyWCwL/qmOBUv8s6FgeuoA1A8SbxJ38AdDJtwDe8exPFc6y8+kLR6Ru5hMIb sJo2JGft2uk5Tk4S2UezFm5lkpmI2JVXyG8AtPcqqDihWLAOaFGm2adxkCMKLSSR 2eAS3x7b8u+wxyNm+fEAmzo+uNZX3ur/u+1VoBP4zlqXWNoc82i21oodT/sF+utU y1sMcbcGb+KYDk/G6WzSb9EBqOL9oXpWgqka0hqbIrgek0QAMoLhK8OkAjqmOWNo SpGaEsaqhh2mzk+9ldTEcOxGBetKAppUXMlUzmZtREqtBVJWr4O76aITFm6jqFEh 0b0lfVZu6rjim70= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlY1yxaTt1ptwymVKBpO 7u027VRXkxAFWmxBL0+Yv/cm8el9jq6UxwEJBmCI2oHJooKrAHf4w9kdMpzmkqXl onh7EIh4TFJx9ABcCtHCEG3jxhY85HMP7rfSqdSJu2OjUwXDU6X4bsVUmJPsdvNJ UvP8/Ht85dkpvzoxMoIG14wgH+R+PJWCCmAyspkeXDPjOMwLbeJwjfW2EHk9pzHO y4rwunwG2ih+zNvRTGSx4bM6B0JsUA0p8KBwAQs4Dad2qWAjsqlQYKo56HHLDjT8 S7NFThvMW3r9UQbNJqgHD8ZBEvqHINQqmJKTxoWBPd+ivn4F/Np/SvLSALfZp2bj xQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 42648246520356916474579345163156489393 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Texas' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Houston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SSL.com RSA SSL subCA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-25 09:05:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-09 09:05:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'kyerenue.surfnet.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23017883303426179901057475642977254894614072074302664965777933976039549933390923903459036549683037670974929747699869994999122179214046824316071623798603991775179217530896649823941219518691109600366903218685805592476674630456692894269515912766948132196174449885589266807798612785863044064789902639148373659728853848503054163050706379770384284794191375478193596367094825992790813611319521944358327147892360559646100938383430947661544943289165059674769593442655285787051607782105119052254953216810547119843951024596809477704473375884739504280216212298953549891089164942466214264835582541385864412951204262659411700802501 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26147ee0dcd7a6f7e2d40427df61f1c2ece732ca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (102 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsps.ssl.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kyerenue.surfnet.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (74 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.38064.1.3.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.ssl.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.ssl.com/SSLcom-SubCA-SSL-RSA-4096-R1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fa4eb9e578267e5fe888f13bc63973a6b7117bcf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0068de428637455a446cea329fe9081d937355d9d8a76c213cd9a2952541e027b0fbe8590777aca16dadc9ccb87a1f3d901cee57762795b4307c79a28ab7c6bd21081a267f85336cd35a98a160f3c34d8eb6bc5bc77dc56ab44c2178a0034da7ab4539acbf31a94d99e886c60f9e55088dc0164d41616ed4718595454e282488ffeb607333ad40fefee6efee6ef48acc004aebe97278396ce671a94401da50b3e70326f0f5230c50b95f0c8a758341c0bb22397f5988074215056d3dbadb09cb0caddee5825be19e230bb0e24243994ddd1ed68857d80e26f2589439b514bff536be057d26b31e3eb23247df96b1a376b9c433b76e0edcc06423865df8e03155fdea061ee769e085c39b2582c0bfea98e054bfcb3a1607aea00d40f126f1277f0074326dc037bc7b13c573acbcfa42d1e91bb984c21bb09a362467eddae9394e4e12d947b3166e65929988d89557c86f00b4f72aa838a158b00e6851a6d9a77190230a2d2491d9e012df1edbf2efb0c72366f9f1009b3a3eb8d657deeaffbbed55a013f8ce5a9758da1cf368b6d68a1d4ffb05faeb54cb5b0c71b7066fe2980e4fc6e96cd26fd101a8e2fda17a5682a91ad21a9b22b81e9344003282e12bc3a4023aa63963684a919a12c6aa861da6ce4fbd95d4c470ec4605eb4a029a545cc954ce666d444aad055256af83bbe9a213166ea3a85121d1bd257d566eeab8e29bbd