psapp.kps-payment.de
- KPS Payment GmbH & Co.KG -
Issued by thawte SSL CA - G2
About this certificate
This digital certificate with serial number 3d:f8:db:c6:d4:3d:74:94:c6:9d:72:00:b2:56:1c:73 was issued on by thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
KPS Payment GmbH & Co.KG
Organization:
KPS Payment GmbH & Co.KG
State / Province:
Bremen
Locality: Bremen
Country: DE
Locality: Bremen
Country: DE
thawte, Inc.
Organization:
thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 3d:f8:db:c6:d4:3d:74:94:c6:9d:72:00:b2:56:1c:73Serial Number (int): 82375054964361000135232985011821354099
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: c2:4f:48:57:fc:d1:4f:9a:c0:5d:38:7d:0e:05:db:d9:2e:b5:52:60
Fingerprint (sha1): 30:0b:f7:c8:40:c0:d1:45:bf:64:68:4b:e2:6d:38:f2:87:e1:8f:07
Fingerprint (sha256): c8:44:3f:6e:48:bc:75:12:fe:5f:55:89:fd:28:72:fd:6b:5d:5d:0e:c1:4b:3e:29:1b:e2:12:fe:96:eb:ef:47
Issuing Certificate URL: http://tj.symcb.com/tj.crt
Revocation information
OCSP Server: http://tj.symcd.comCRL Distribution Point: http://tj.symcb.com/tj.crl
Check the revocation status for certificate psapp.kps-payment.de
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for psapp.kps-payment.de
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
psapp.kps-payment.de
Other certificates including the domain name kps-payment.de
(limited to 100 certificates)
kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
*.kps-payment.de
kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
secure-test.kps-payment.de
psapp.kps-payment.de
secure.kps-payment.de
psapp.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
*.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
*.kps-payment.de
kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
secure-test.kps-payment.de
psapp.kps-payment.de
secure.kps-payment.de
psapp.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
secure.kps-payment.de
*.kps-payment.de
Certificate
The complete raw certificate details for psapp.kps-payment.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEtDCCA5ygAwIBAgIQPfjbxtQ9dJTGnXIAslYcczANBgkqhkiG9w0BAQsFADBB MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0 aGF3dGUgU1NMIENBIC0gRzIwHhcNMTUwNzI5MDAwMDAwWhcNMTcwODI3MjM1OTU5 WjBxMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQnJlbWVuMQ8wDQYDVQQHFAZCcmVt ZW4xITAfBgNVBAoUGEtQUyBQYXltZW50IEdtYkggJiBDby5LRzEdMBsGA1UEAxQU cHNhcHAua3BzLXBheW1lbnQuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDAoomvHnATdt3yriFdHSLZFcwMOO3AWnCa7p4rxhewQR0yMRMbsnh3zt4v Wj5KrRkl62KAMU/JijNdyAKlV7pss5ljbjubwy1Z4oG5/YdiDVzj/suY6faD6HuX lk56Tf1VCKqsemgtfd198ObL7WnBGCsConZgochz8dBmuTCIfOUxO7a9T8eCNGIW sfowR/4hjijbFhXANd2YuYPj+27hpXJyckpvX34foCTjJJJjkNuKCNwYFUJpnNsx Qjck8kw1UTchzpqYxl+0MBGcFKcPanCo17neHVvm3KhG8cLRhCkEqzoeosKU7KZY bwKYRsTchl3XmzGDDSG8wk7hyGoHAgMBAAGjggF2MIIBcjAfBgNVHREEGDAWghRw c2FwcC5rcHMtcGF5bWVudC5kZTAJBgNVHRMEAjAAMG4GA1UdIARnMGUwYwYGZ4EM AQICMFkwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMC8G CCsGAQUFBwICMCMMIWh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vcmVwb3NpdG9yeTAO BgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUwk9IV/zRT5rAXTh9DgXb2S61UmAw KwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3RqLnN5bWNiLmNvbS90ai5jcmwwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFcGCCsGAQUFBwEBBEswSTAfBggr BgEFBQcwAYYTaHR0cDovL3RqLnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDov L3RqLnN5bWNiLmNvbS90ai5jcnQwDQYJKoZIhvcNAQELBQADggEBACL0dhpezqSe XDOip8dmaSyWUU8VoQFQZBdbG4ljdQCQxX0Zz+wn7CGLnmrsKphKauB2J1FKbAyQ GBYD/jQKz0lBIZxukdBPLlxW+Uz2Gj0ZrYw4PQeG2VkktRKvJtN0UOba9KLh9EXY 6INrmYLBqsLcF3Ujcqp90UXdalS1dQg9IPFueY3ddZDWFFP6KbEIwW46UxmbvTLb 1U/sqUeeUOHcihsO1ycRW4UPIhL4oZoWnwJwDJYM4hctZ6eKhbWYHJ9fkdAfZW4o Na8pMqAjPzWiGv+OLSRmxjOeNVkDkYSA3a7qRaXShLwVxzV9d1XqavVzPXCPpK17 fdgz+t4dewI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKKJrx5wE3bd8q4hXR0i 2RXMDDjtwFpwmu6eK8YXsEEdMjETG7J4d87eL1o+Sq0ZJetigDFPyYozXcgCpVe6 bLOZY247m8MtWeKBuf2HYg1c4/7LmOn2g+h7l5ZOek39VQiqrHpoLX3dffDmy+1p wRgrAqJ2YKHIc/HQZrkwiHzlMTu2vU/HgjRiFrH6MEf+IY4o2xYVwDXdmLmD4/tu 4aVycnJKb19+H6Ak4ySSY5DbigjcGBVCaZzbMUI3JPJMNVE3Ic6amMZftDARnBSn D2pwqNe53h1b5tyoRvHC0YQpBKs6HqLClOymWG8CmEbE3IZd15sxgw0hvMJO4chq BwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 82375054964361000135232985011821354099 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte SSL CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-07-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bremen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Bremen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'KPS Payment GmbH & Co.KG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'psapp.kps-payment.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24317904943889744005820962489091816043790423085222573427991998901671734504421026783766795708327011475703405591843729692226427615755017431200260795232511439299251482497047095894080195928958887765572579680968344057763535358458507415861688425323692983538602701109808777254095221071590535488550852756614921493515817568850546351687095011107501498321018361979588737685600954614875564539143645098237313514860731173868358667562831291127453802351335894500215843358515677724424100213049300380350664658418343527103534259661572856358171830287456209612990850240636860479207904752216818180403905724140974691040384493391900423252487 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'psapp.kps-payment.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c24f4857fcd14f9ac05d387d0e05dbd92eb55260 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tj.symcb.com/tj.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0022f4761a5ecea49e5c33a2a7c766692c96514f15a1015064175b1b8963750090c57d19cfec27ec218b9e6aec2a984a6ae07627514a6c0c90181603fe340acf4941219c6e91d04f2e5c56f94cf61a3d19ad8c383d0786d95924b512af26d37450e6daf4a2e1f445d8e8836b9982c1aac2dc17752372aa7dd145dd6a54b575083d20f16e798ddd7590d61453fa29b108c16e3a53199bbd32dbd54feca9479e50e1dc8a1b0ed727115b850f2212f8a19a169f02700c960ce2172d67a78a85b5981c9f5f91d01f656e2835af2932a0233f35a21aff8e2d2466c6339e355903918480ddaeea45a5d284bc15c7357d7755ea6af5733d708fa4ad7b7dd833fade1d7b02