test-idp.dfn-cert.de

Issued by DFN-CERT Services GmbH CA - G02

About this certificate


This digital certificate with serial number 0d:b9:f7:1b was issued on by DFN-CERT Services GmbH .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • ERROR: Certificate contains a key usage different from ClientAuth or EmailProtection

DFN-CERT Services GmbH

Organization: DFN-CERT Services GmbH
Country: DE

DFN-CERT Services GmbH

Organization: DFN-CERT Services GmbH
Country: DE

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:b9:f7:1b
Serial Number (int): 230291227
Serial Number lenght: 28 bits, 4 octets

SubjectKeyId: 04:ff:be:3e:fe:c9:c2:d4:fe:03:fb:50:b6:ee:07:b3:a8:f7:d9:d3
AuthorityKeyId: c6:8b:cf:fa:44:fc:3a:6a:4b:68:ab:e8:e7:bf:38:23:e5:ba:0a:96

Fingerprint (sha1): af:d7:2f:d4:a1:bb:f4:20:e7:75:75:6d:9b:70:2e:05:12:e0:4f:5b
Fingerprint (sha256): 8b:af:b9:83:69:f6:3c:ac:be:9d:70:30:6c:2b:3e:88:9a:de:77:64:55:e3:40:31:ad:aa:ff:9b:06:02:42:27

Issuing Certificate URL: http://cdp1.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/cacert/g_cacert.crt
Issuing Certificate URL: http://cdp2.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/cacert/g_cacert.crt

Revocation information

CRL Distribution Point: http://cdp1.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/crl/g_cacrl.crl
CRL Distribution Point: http://cdp2.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/crl/g_cacrl.crl

Check the revocation status for the current certificate on test-idp.dfn-cert.de
0
DNS Names
1
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Content Commitment
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names (DNS Name). [email protected]

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIEDbn3GzANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJE RTEfMB0GA1UEChMWREZOLUNFUlQgU2VydmljZXMgR21iSDEoMCYGA1UEAxMfREZO LUNFUlQgU2VydmljZXMgR21iSCBDQSAtIEcwMjAeFw0wOTAyMTcwODQ3MDhaFw0x NDAyMTYwODQ3MDhaMHMxCzAJBgNVBAYTAkRFMR8wHQYDVQQKExZERk4tQ0VSVCBT ZXJ2aWNlcyBHbWJIMR0wGwYDVQQDExR0ZXN0LWlkcC5kZm4tY2VydC5kZTEkMCIG CSqGSIb3DQEJARYVd2VibWFzdGVyQGRmbi1jZXJ0LmRlMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEA5bECRUEkix++wHXVndFFIu2i61JyJ36d5cahoZnC FK8wMRc0VAeET5cYHpG0DMO82VHK5x+4oEtUzv0GxmESHoAppX8nCfgrpcoqIEUX pkPss/ewrwnlBnJLmdXzsNVgXvqSvnP86aLcLRcWZQYNrk8el9WP+HYUlAIyTyVW zBSBwy4l3ooRT8aU6ZLIIL1XonErLf5L5YgHgTTMNh7KKdYFEQGtAuUjB+VoLK0W fE0hLglCbKcbDUYjpkyllf7RO1p3pDSm/XYzRrvkh0C6DNaPZ3FXHgl1fOH+tcqK b2KodzUaIlWgSr0fY6OoiMiRI7xzx+Qqe2oJDa5rwUuZDQIDAQABo4ICAjCCAf4w CQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG AQUFBwMBMB0GA1UdDgQWBBQE/74+/snC1P4D+1C27gezqPfZ0zAfBgNVHSMEGDAW gBTGi8/6RPw6aktoq+jnvzgj5boKljAgBgNVHREEGTAXgRV3ZWJtYXN0ZXJAZGZu LWNlcnQuZGUwgaMGA1UdHwSBmzCBmDBKoEigRoZEaHR0cDovL2NkcDEucGNhLmRm bi5kZS9kZm4tY2VydC1zZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jcmwvZ19jYWNybC5j cmwwSqBIoEaGRGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLWNlcnQtc2Vydmlj ZXMtZ21iaC1jYS9wdWIvY3JsL2dfY2FjcmwuY3JsMIG8BggrBgEFBQcBAQSBrzCB rDBUBggrBgEFBQcwAoZIaHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tY2VydC1z ZXJ2aWNlcy1nbWJoLWNhL3B1Yi9jYWNlcnQvZ19jYWNlcnQuY3J0MFQGCCsGAQUF BzAChkhodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2Rmbi1jZXJ0LXNlcnZpY2VzLWdt YmgtY2EvcHViL2NhY2VydC9nX2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEB AFTXEVUxZaPWvfOcL9gQ4fIrNfteXnu5cF1KYe6tR9lVnd9r3hAqDrSMmhf+DMxn 42EwOdXOgz3W2MT5szCBaFvAG3kWMpdK49ID2zSK+o/DD6B1iq61THwYeNxyYtXz p/LinjuERAEjMnrEFMhlboE/L1espQQXav3PrV6msi3LbiR3VKYLqmore1w6y9m7 /tl64d3O6WKX/YT9A/xifnVLFF8iqxr+ZpfYrQ5JhlB7IX9s8+HB4MkFTjzFCLiR eUJnZljw4mZAjJ7FIZKVy8VCUklKCGrNK0RZgvfTeld//CN5p1Pj4OrpAalVC2D2 ipeT3ekeSU2PyQ88HIsa3NU= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bECRUEkix++wHXVndFF Iu2i61JyJ36d5cahoZnCFK8wMRc0VAeET5cYHpG0DMO82VHK5x+4oEtUzv0GxmES HoAppX8nCfgrpcoqIEUXpkPss/ewrwnlBnJLmdXzsNVgXvqSvnP86aLcLRcWZQYN rk8el9WP+HYUlAIyTyVWzBSBwy4l3ooRT8aU6ZLIIL1XonErLf5L5YgHgTTMNh7K KdYFEQGtAuUjB+VoLK0WfE0hLglCbKcbDUYjpkyllf7RO1p3pDSm/XYzRrvkh0C6 DNaPZ3FXHgl1fOH+tcqKb2KodzUaIlWgSr0fY6OoiMiRI7xzx+Qqe2oJDa5rwUuZ DQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 230291227 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DFN-CERT Services GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DFN-CERT Services GmbH CA - G02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2009-02-17 08:47:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-02-16 08:47:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DFN-CERT Services GmbH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test-idp.dfn-cert.de' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28995858163855246174908054904137469024717036263105737073322243691163959212573427737105530246770785578635939220382492192880916572728639341684761323885980134543836624458325033871536044779124886322132389657412429414825780372848475652016296222833581501140680865338817940485894235922143929364852066837470794091802354980612899511424184686974233352278959978981192580160119303458984308562890127927443131487271904852460813478481971037625864541207446993557929856646123093491472366805585013583647618246565260086867948744800173931225142618599192567791235849860292400491232766255167524259626698818438474120728559840407218526329101 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05e0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 04ffbe3efec9c2d4fe03fb50b6ee07b3a8f7d9d3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c68bcffa44fc3a6a4b68abe8e7bf3823e5ba0a96 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '[email protected]' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (155 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/crl/g_cacrl.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/crl/g_cacrl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (175 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/cacert/g_cacert.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp2.pca.dfn.de/dfn-cert-services-gmbh-ca/pub/cacert/g_cacert.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0054d711553165a3d6bdf39c2fd810e1f22b35fb5e5e7bb9705d4a61eead47d9559ddf6bde102a0eb48c9a17fe0ccc67e3613039d5ce833dd6d8c4f9b33081685bc01b791632974ae3d203db348afa8fc30fa0758aaeb54c7c1878dc7262d5f3a7f2e29e3b84440123327ac414c8656e813f2f57aca504176afdcfad5ea6b22dcb6e247754a60baa6a2b7b5c3acbd9bbfed97ae1ddcee96297fd84fd03fc627e754b145f22ab1afe6697d8ad0e4986507b217f6cf3e1c1e0c9054e3cc508b8917942676658f0e266408c9ec5219295cbc54252494a086acd2b445982f7d37a577ffc2379a753e3e0eae901a9550b60f68a9793dde91e494d8fc90f3c1c8b1adcd5