DV SSL/TLS Certificate for kubista.it

Certificate is witin its validity period

Issued by DigiCert Inc (Encryption Everywhere DV TLS CA - G2)

About the kubista.it DV SSL/TLS Certificate

This certificate with serial number 09:5e:87:a1:ac:26:13:5c:e1:5a:1b:39:4d:82:ab:fa for kubista.it was issued on by DigiCert Inc.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for kubista.it provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Organizational unit: www.digicert.com
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 09:5e:87:a1:ac:26:13:5c:e1:5a:1b:39:4d:82:ab:fa
Serial Number (int): 12453878801074626734000374010173631482
Serial Number Length: 124 bits, 16 octets

Subject Key Identifier: 6d:0a:c8:09:f8:39:9e:99:a1:98:a2:41:bc:c5:98:48:87:23:2f:d4
Authority Key Identifier: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6

Fingerprint (SHA-1): ae:7e:81:9e:82:ac:47:62:23:ae:9d:b1:c3:f9:6e:eb:c7:1e:05:48
Fingerprint (SHA-256): fb:d2:a7:e5:fa:07:f4:ac:de:ad:d8:90:ce:d3:c4:da:59:9f:d6:1d:a3:f8:d4:37:32:58:da:cd:70:77:4e:92

Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt

Revocation Information

OCSP Server: http://ocsp.digicert.com

Check the revocation status for certificate kubista.it
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for kubista.it

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for kubista.it in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIQCV6HoawmE1zhWhs5TYKr+jANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzIwHhcNMjUwMTI5MDAwMDAwWhcNMjYwMjI3MjM1OTU5WjAV
MRMwEQYDVQQDEwprdWJpc3RhLml0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2LnmwXAmj9HPELdb1YaPlDZLSSCtG6a1MlOJaCad4LPnju20Y5YPvUAb
9EeJuu6jWjC0jqQ6GG4nnNmggZuYj1E6Ux2UOJ3K1ZIgBg2SV6lIB2/bL57zOpkP
3NsMdSD8ENDZw4JeO+B2+FuAGxk4YI23d/m2BoP6AO+qY03kTAqhn84nYXQCV2M1
eJEEOzCvxsmTLKQaVKQIe6Us6APys25Xw7h39wsI1eEkhu2htJtEb2qIu5+CsGhf
CHp1o3UFlQZ9QFoEjvngYJ6A2Gbt073BSkYuUR/Yp9lAFBPRMgrksC1qAYi0CMvk
wg4pFZRmMDLil/5A7xk8+FJYSaod2wIDAQABo4IC7DCCAugwHwYDVR0jBBgwFoAU
eN+RkF/u3qz2xXXr1UxVU+8kSrYwHQYDVR0OBBYEFG0KyAn4OZ6ZoZiiQbzFmEiH
Iy/UMCUGA1UdEQQeMByCCmt1YmlzdGEuaXSCDnd3dy5rdWJpc3RhLml0MD4GA1Ud
IAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNl
cnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
Y3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+aHR0cDovL2NhY2VydHMuZGln
aWNlcnQuY29tL0VuY3J5cHRpb25FdmVyeXdoZXJlRFZUTFNDQS1HMi5jcnQwDAYD
VR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHQADleUvPOuqT4z
GyyZB7P3kN+bwj1xMiXdIaklrGHFTiEAAAGUtCoZEwAABAMARTBDAh8JqRgLx2dR
5YCFnADbBzx6l1RPPakRAhB8L2df7MVQAiBsmonaNW2HgAQJTXtILWiql8tmR8RP
r/hSa8vSv5Jz2AB3AGQRxGykEuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAAB
lLQqGQwAAAQDAEgwRgIhAKpBq+o1ODqCSuBrkfySYaWvtcAdkDsznNHQZyUrpFC2
AiEAqMMc1lJyvIzSOJfspVjEKAuKj8KC6m7fSTGQmDr3X2gAdgBJnJtp3h187Pw2
3s2HZKa4W68Kh4AZ0VVS++nrKd34wwAAAZS0KhkgAAAEAwBHMEUCIQCJaF9H0jHy
vkvr43OeIyh8PTomwA0EYqJ0try6oF7gNwIgdRLTmz7IOVaUw3QDmSieFfbJQchV
ojh5NCwopNbekKMwDQYJKoZIhvcNAQELBQADggEBAHS5S0Sg+hVKCFtchlyZ0ViK
GrEQgBkQRRySNjxXBmmriPAEfhoeV3Vwus7qPiNnIRPPlXckulpaxvKdM8Kcg9c5
xq0w+Krfh/HT8kxWwoN3he3elV1n2nfe5JZBVpMR0WIojF/QQrF0+Wjav2BBGLQ2
w47WIvHrEHotjVDCv4nlfPPLe5kXm7uOt9a7VkCS6MBfJgsnx5NzxrTh05oNMsz3
vI3C6RVvu6/zBKmXaY+j/JnlrHz82Lzmn2LCe9B2kzIYX8uPJvUPcqTZnBLKQV09
F436W+gpWqqKAEdpCUWxocq1L9W6m+YvRkqj9UJQA69yW9vog+UFOSReeI3cJv0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LnmwXAmj9HPELdb1YaP
lDZLSSCtG6a1MlOJaCad4LPnju20Y5YPvUAb9EeJuu6jWjC0jqQ6GG4nnNmggZuY
j1E6Ux2UOJ3K1ZIgBg2SV6lIB2/bL57zOpkP3NsMdSD8ENDZw4JeO+B2+FuAGxk4
YI23d/m2BoP6AO+qY03kTAqhn84nYXQCV2M1eJEEOzCvxsmTLKQaVKQIe6Us6APy
s25Xw7h39wsI1eEkhu2htJtEb2qIu5+CsGhfCHp1o3UFlQZ9QFoEjvngYJ6A2Gbt
073BSkYuUR/Yp9lAFBPRMgrksC1qAYi0CMvkwg4pFZRmMDLil/5A7xk8+FJYSaod
2wIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 12453878801074626734000374010173631482
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-02-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kubista.it'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27359145264288707542803591573889294305768687709873383416525012183994453805725988674142385851707839252762172634430898863065394875450380945825410061710387158020550313444048540876595266018118735456675117275393433945660484604404292107103829900224742006215446688238957883149314261957202479620355519872594648245029404509886291240940449573161953997854778862962307463739637675808711946698581220145522460925710158212450504429121794335286985906716368900138018729753055183484109009323407672902576480031956099274164955008700626823388986678968413129203476784295698203568672847864745867865224069034234227524481185680670897858026971
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6d0ac809f8399e99a198a241bcc5984887232fd4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kubista.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kubista.it'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670074000e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e2100000194b42a19130000040300453043021f09a9180bc76751e580859c00db073c7a97544f3da91102107c2f675fecc55002206c9a89da356d878004094d7b482d68aa97cb6647c44faff8526bcbd2bf9273d80077006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000194b42a190c0000040300483046022100aa41abea35383a824ae06b91fc9261a5afb5c01d903b339cd1d067252ba450b6022100a8c31cd65272bc8cd23897eca558c4280b8a8fc282ea6edf493190983af75f68007600499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c300000194b42a1920000004030047304502210089685f47d231f2be4bebe3739e23287c3d3a26c00d0462a274b6bcbaa05ee03702207512d39b3ec8395694c3740399289e15f6c941c855a23879342c28a4d6de90a3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0074b94b44a0fa154a085b5c865c99d1588a1ab110801910451c92363c570669ab88f0047e1a1e577570baceea3e23672113cf957724ba5a5ac6f29d33c29c83d739c6ad30f8aadf87f1d3f24c56c2837785edde955d67da77dee49641569311d162288c5fd042b174f968dabf604118b436c38ed622f1eb107a2d8d50c2bf89e57cf3cb7b99179bbb8eb7d6bb564092e8c05f260b27c79373c6b4e1d39a0d32ccf7bc8dc2e9156fbbaff304a997698fa3fc99e5ac7cfcd8bce69f62c27bd0769332185fcb8f26f50f72a4d99c12ca415d3d178dfa5be8295aaa8a0047690945b1a1cab52fd5ba9be62f464aa3f5425003af725bdbe883e50539245e788ddc26fd