mail.grantthornton.at
Issued by GeoTrust DV SSL SHA256 CA - G2
About this certificate
This digital certificate with serial number 0b:94 was issued on by GeoTrust Inc..
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=mail.grantthornton.at
GeoTrust Inc.
Organization:
GeoTrust Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0b:94Serial Number (int): 2964
Serial Number lenght: 12 bits, 2 octets
SubjectKeyId:
AuthorityKeyId: 8b:c3:fa:bc:d9:a8:43:1e:91:fc:08:4f:9a:cd:34:cb:9f:df:ff:a4
Fingerprint (sha1): f8:a3:71:ae:a0:f0:84:f0:73:23:26:f3:ba:2d:af:4f:61:cd:68:e5
Fingerprint (sha256): d9:50:43:fe:d7:af:41:45:4f:29:03:6e:c6:70:8b:58:d7:13:b0:eb:83:c1:d2:23:d6:c4:d4:7d:19:0d:24:00
Issuing Certificate URL: http://gy.symcb.com/gy.crt
Revocation information
OCSP Server: http://gy.symcd.comCRL Distribution Point: http://gy.symcb.com/gy.crl
Check the revocation status for certificate mail.grantthornton.at
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mail.grantthornton.at
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
webmail.grantthornton.at
mx1.grantthornton.at
mx2.grantthornton.at
autodiscover.grantthornton.at
mail.grantthornton.at
mx1.grantthornton.at
mx2.grantthornton.at
autodiscover.grantthornton.at
mail.grantthornton.at
Other certificates including the domain name grantthornton.at
(limited to 100 certificates)
www.passle.net
www.passle.net
grantthornton.global
www.grantthornton.global
grantthornton.at
www.passle.net
www.passle.net
www.grantthornton.global
www.passle.net
grantthornton.global
www.passle.net
*.grantthornton.at
grantthornton.global
www.passle.net
mail.grantthornton.at
www.passle.net
www.passle.net
www.passle.net
www.passle.net
grantthornton.global
grantthornton.global
sni.cloudflaressl.com
grantthornton.global
grantthornton.global
webmail.grantthornton.at
sni.cloudflaressl.com
*.grantthornton.at
*.grantthornton.at
webmail.grantthornton.at
www.passle.net
www.passle.net
sni.cloudflaressl.com
www.passle.net
sni.cloudflaressl.com
sni.cloudflaressl.com
www.passle.net
webmail.grantthornton.at
www.passle.net
benhammersley.co
www.passle.net
sni.cloudflaressl.com
grantthornton.global
www.passle.net
mail.grantthornton.at
www.passle.net
grantthornton.global
news.grantthornton.at
www.passle.net
grantthornton.global
webmail.grantthornton.at
*.grantthornton.at
news.grantthornton.at
www.passle.net
grantthornton.at
www.passle.net
mail.grantthornton.at
mail.grantthornton.at
sni.cloudflaressl.com
www.passle.net
www.passle.net
www.passle.net
*.grantthornton.at
www.passle.net
www.grantthornton.global
www.passle.net
grantthornton.global
www.grantthornton.global
grantthornton.at
www.passle.net
www.passle.net
www.grantthornton.global
www.passle.net
grantthornton.global
www.passle.net
*.grantthornton.at
grantthornton.global
www.passle.net
mail.grantthornton.at
www.passle.net
www.passle.net
www.passle.net
www.passle.net
grantthornton.global
grantthornton.global
sni.cloudflaressl.com
grantthornton.global
grantthornton.global
webmail.grantthornton.at
sni.cloudflaressl.com
*.grantthornton.at
*.grantthornton.at
webmail.grantthornton.at
www.passle.net
www.passle.net
sni.cloudflaressl.com
www.passle.net
sni.cloudflaressl.com
sni.cloudflaressl.com
www.passle.net
webmail.grantthornton.at
www.passle.net
benhammersley.co
www.passle.net
sni.cloudflaressl.com
grantthornton.global
www.passle.net
mail.grantthornton.at
www.passle.net
grantthornton.global
news.grantthornton.at
www.passle.net
grantthornton.global
webmail.grantthornton.at
*.grantthornton.at
news.grantthornton.at
www.passle.net
grantthornton.at
www.passle.net
mail.grantthornton.at
mail.grantthornton.at
sni.cloudflaressl.com
www.passle.net
www.passle.net
www.passle.net
*.grantthornton.at
www.passle.net
www.grantthornton.global
Certificate
The complete raw certificate details for mail.grantthornton.at in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgICC5QwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCVVMx FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHTAbBgNVBAsTFERvbWFpbiBWYWxpZGF0 ZWQgU1NMMScwJQYDVQQDEx5HZW9UcnVzdCBEViBTU0wgU0hBMjU2IENBIC0gRzIw HhcNMTUxMTAzMDAwMDQ1WhcNMTYxMTA0MTczNDQ0WjAgMR4wHAYDVQQDExVtYWls LmdyYW50dGhvcm50b24uYXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDuA00W6ht8YSBVD5JeU62wP/+db4LG++8wkKh5Iy/eDvJLVQY4PFqQi19kg+ek kkKgEZBYM+2NtOKJaXeJVsh3qzCRWM2oMJ4CzyC6dqSZCRYInVXtjTgahrW3QyiK EJy3Kq7Bv9Pkp1ZmFIm5hJB7jkeu5ojVYI1JAL5k7YI6qZSxskwR7CM0xnWjxs/O bB+bHtdDWquGM5NomkUq/3Ws4iKWxiJU+BUqNQ4zH5PuKiOKidYyqrKoOSprOKT2 0FU3gdny5/K1mAeqaIhu+F/ZJmvgRbUNMPJKK4TR1+0DBvfjbaepapCM+IzakAiy H5IWvKGoxm3YXHmZIGKcC8ozAgMBAAGjggG7MIIBtzAfBgNVHSMEGDAWgBSLw/q8 2ahDHpH8CE+azTTLn9//pDBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0 dHA6Ly9neS5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9neS5zeW1jYi5j b20vZ3kuY3J0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwgYUGA1UdEQR+MHyCGHdlYm1haWwuZ3JhbnR0aG9ybnRvbi5hdIIU bXgxLmdyYW50dGhvcm50b24uYXSCFG14Mi5ncmFudHRob3JudG9uLmF0gh1hdXRv ZGlzY292ZXIuZ3JhbnR0aG9ybnRvbi5hdIIVbWFpbC5ncmFudHRob3JudG9uLmF0 MCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9neS5zeW1jYi5jb20vZ3kuY3JsMAwG A1UdEwEB/wQCMAAwSQYDVR0gBEIwQDA+BgZngQwBAgEwNDAyBggrBgEFBQcCARYm aHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJKoZIhvcN AQELBQADggEBACrUUSiLBmbVy/ocSsTGVXoG3H1hE3MH/aNL0XgUvma0vxsPGiAA 8L9aPX3IiDd29+2392rggKerUX00EEMGmoKzeYyDMsqqv7zu97kutFUBlpp9lwOs cIBOq7PQalXQcOPRjzkn89PKDQ8Dp4K5FFw2P7tFWvKpnZASx21N9VjmxoOkK0Wa ud+qmo8nuJEotFMve9SILVhvrdXibTQ0AJa9O4Mz3/d6KL1bzAJlSACaWlI+360m 0q3kIcyV5geGg5qUGE+XJnc+dSeIQhj21tQAl6/qdVEuP6NQk8mKbsxHO2RRCUoZ 2yLEXIucTUkgFnwpkAIwVgBXQprRv1DJBRw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gNNFuobfGEgVQ+SXlOt sD//nW+CxvvvMJCoeSMv3g7yS1UGODxakItfZIPnpJJCoBGQWDPtjbTiiWl3iVbI d6swkVjNqDCeAs8gunakmQkWCJ1V7Y04Goa1t0MoihCctyquwb/T5KdWZhSJuYSQ e45HruaI1WCNSQC+ZO2COqmUsbJMEewjNMZ1o8bPzmwfmx7XQ1qrhjOTaJpFKv91 rOIilsYiVPgVKjUOMx+T7iojionWMqqyqDkqazik9tBVN4HZ8ufytZgHqmiIbvhf 2SZr4EW1DTDySiuE0dftAwb3422nqWqQjPiM2pAIsh+SFryhqMZt2Fx5mSBinAvK MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2964 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust DV SSL SHA256 CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-03 00:00:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-04 17:34:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.grantthornton.at' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30046344430238121608908851739850498642683691776851687696718279997827406562717810009502929057084787843103330760793612820768050068589203916326357038570346493590438611385211209008243361872267860869275259013596956098576093243879643211434582636244121903749544424268326581964278320130390585577663074861637979990450049590224250798958938825064345055567944537316861633660324536997095779477061821410664617698627409319102843541606736365068956167251284129475492288295206385228725382143240101121514700598789986271291622011315511446202556828828634854890459320188163195741992283628906620022867821841919743870736971167084168142899763 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8bc3fabcd9a8431e91fc084f9acd34cb9fdfffa4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gy.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gy.symcb.com/gy.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.grantthornton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mx1.grantthornton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mx2.grantthornton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.grantthornton.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.grantthornton.at' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gy.symcb.com/gy.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/cps' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002ad451288b0666d5cbfa1c4ac4c6557a06dc7d61137307fda34bd17814be66b4bf1b0f1a2000f0bf5a3d7dc8883776f7edb7f76ae080a7ab517d341043069a82b3798c8332caaabfbceef7b92eb45501969a7d9703ac70804eabb3d06a55d070e3d18f3927f3d3ca0d0f03a782b9145c363fbb455af2a99d9012c76d4df558e6c683a42b459ab9dfaa9a8f27b89128b4532f7bd4882d586fadd5e26d34340096bd3b8333dff77a28bd5bcc026548009a5a523edfad26d2ade421cc95e60786839a94184f9726773e7527884218f6d6d40097afea75512e3fa35093c98a6ecc473b6451094a19db22c45c8b9c4d4920167c29900230560057429ad1bf50c9051c