www.gov.uk
Issued by GlobalSign Domain Validation CA - G2
About this certificate
This digital certificate with serial number 11:21:b7:cb:c3:73:df:6b:91:d0:4e:07:15:f8:22:9b:4c:33 was issued on by GlobalSign nv-sa.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- 1 DNS name(s) are bare public suffixes: gov.uk The domain SHOULD NOT have a bare public suffix (awslabs certlint)
Certificate Subject
CN=www.gov.uk,OU=Domain Control Validated,C=GB
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 11:21:b7:cb:c3:73:df:6b:91:d0:4e:07:15:f8:22:9b:4c:33Serial Number (int): 1492382485672056341063702317449954031520819
Serial Number lenght: 141 bits, 18 octets
SubjectKeyId: 54:77:dd:19:86:38:9f:66:94:b5:62:5c:06:d1:c9:03:cf:32:03:bc
AuthorityKeyId: 96:ad:fa:b0:5b:b9:83:64:2a:76:c2:1c:8a:69:da:42:dc:fe:fd:28
Fingerprint (sha1): 1b:55:74:1d:46:2b:52:7c:21:d0:ad:f9:22:2b:a6:1d:e7:f8:44:c2
Fingerprint (sha256): da:90:17:4e:5c:2a:c2:13:d0:28:9d:77:fa:3b:d6:23:a8:ec:67:21:f1:0f:b3:cf:90:9a:43:b9:40:cd:b0:5e
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalg2.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsdomainvalg2CRL Distribution Point: http://crl.globalsign.com/gs/gsdomainvalg2.crl
Check the revocation status for certificate www.gov.uk
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.gov.uk
gov.uk
gov.uk
Other certificates including the domain name www.gov.uk
(limited to 100 certificates)
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
Certificate
The complete raw certificate details for www.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgISESG3y8Nz32uR0E4HFfgim0wzMA0GCSqGSIb3DQEBBQUA MFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYD VQQDEyRHbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIwHhcNMTEx MjIwMTUwMjUxWhcNMTIxMjIwMTUwMjUxWjBFMQswCQYDVQQGEwJHQjEhMB8GA1UE CxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRMwEQYDVQQDDAp3d3cuZ292LnVr MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn1315Y+QRfGmnPYFI9J iTl26VPr6GHzZpUfhCgDtEIUTpJGoT1FaI63uKPkRQWAaBUniLN3CCRYcUaQ7rWs sze8aILBn/7DKBLmTHHpH3mJqseLKnM+7KpwegIPHCAmh5N0jnvlfAdZBzv5Kb3F PwCWyK8B2KfAvLmqSlZnypwM1eNRy9JKZnxDLq0zp777CbAaOAo4CiwKl1DG0JoE Ohw5Na4SC+QUqf7jiZsOMl8GZvuSk8aEL5H7/S3z1RdDj6Wl7V4EIRiaEXpiKLH9 BTzCbxi8WbLzdTBr7VGp2Df4+FB4RRz+cr1MSw9TH6XV3BrSy6hbjZvBJ7wuu1OT vwIDAQABo4IBtzCCAbMwDgYDVR0PAQH/BAQDAgWgMEwGA1UdIARFMEMwQQYJKwYB BAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t L3JlcG9zaXRvcnkvMB0GA1UdEQQWMBSCCnd3dy5nb3YudWuCBmdvdi51azAJBgNV HRMEAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA/BgNVHR8EODA2 MDSgMqAwhi5odHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2dzZG9tYWludmFs ZzIuY3JsMIGIBggrBgEFBQcBAQR8MHowQQYIKwYBBQUHMAKGNWh0dHA6Ly9zZWN1 cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsZzIuY3J0MDUGCCsG AQUFBzABhilodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxn MjAdBgNVHQ4EFgQUVHfdGYY4n2aUtWJcBtHJA88yA7wwHwYDVR0jBBgwFoAUlq36 sFu5g2QqdsIcimnaQtz+/SgwDQYJKoZIhvcNAQEFBQADggEBAFAKMaJuvSIwr3PE eYEweh/2vvufI/8ZiVLFHU5LCDTVsUmEDbptt7bck9Qfk53wRF+MMrJyyrap4v6R jGGIDX0ruR//wAvgBWjGdLsp/cxzqXPcvoLzL01izABadPuigCMHZQKdjW+FfzFy MGAbyIIDlH8cTz5bAL7EUNNU2Df2wEem7C66Y5c9gy2NM3KOS9c+WwOoY4o3RHoz 8LsWsNk5uMtK1KV6DRIYSvfHI7+2PiG97lI+Z5Qo2DwuJgnsp22kR57fM+APGY7h lsXHSvBOCO0rXfHEAzEnfNAtJrX5C4uoCcZTyJFZtblLyLCc2sna/+uaCo2etXeD 6wDH6cY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn1315Y+QRfGmnPYFI9J iTl26VPr6GHzZpUfhCgDtEIUTpJGoT1FaI63uKPkRQWAaBUniLN3CCRYcUaQ7rWs sze8aILBn/7DKBLmTHHpH3mJqseLKnM+7KpwegIPHCAmh5N0jnvlfAdZBzv5Kb3F PwCWyK8B2KfAvLmqSlZnypwM1eNRy9JKZnxDLq0zp777CbAaOAo4CiwKl1DG0JoE Ohw5Na4SC+QUqf7jiZsOMl8GZvuSk8aEL5H7/S3z1RdDj6Wl7V4EIRiaEXpiKLH9 BTzCbxi8WbLzdTBr7VGp2Df4+FB4RRz+cr1MSw9TH6XV3BrSy6hbjZvBJ7wuu1OT vwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1492382485672056341063702317449954031520819 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-12-20 15:02:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2012-12-20 15:02:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24047148586053903865871781549315464262357601178470197966248919186047644952618289940801119764671543185864313983285645429027731311894814803843365525302844906125225090039024267067602687121109944231991178956113084714998561122607364924786927963208731362161629605281720943190886857922264801075112524937565198079099379150303705793751143702277089745206487391459157677631802444344508716414715952891376521562470687858813237344197783786965012049385536615493938331277020394950433059071250624677719273138838163126869225002750895170169151224844437468544356581268220817742040938678731478025011527376478701652806689355698803932631999 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.10 (globalsignDVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gov.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsdomainvalg2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalg2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalg2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5477dd1986389f6694b5625c06d1c903cf3203bc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96adfab05bb983642a76c21c8a69da42dcfefd28 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00500a31a26ebd2230af73c47981307a1ff6befb9f23ff198952c51d4e4b0834d5b149840dba6db7b6dc93d41f939df0445f8c32b272cab6a9e2fe918c61880d7d2bb91fffc00be00568c674bb29fdcc73a973dcbe82f32f4d62cc005a74fba280230765029d8d6f857f317230601bc88203947f1c4f3e5b00bec450d354d837f6c047a6ec2eba63973d832d8d33728e4bd73e5b03a8638a37447a33f0bb16b0d939b8cb4ad4a57a0d12184af7c723bfb63e21bdee523e679428d83c2e2609eca76da4479edf33e00f198ee196c5c74af04e08ed2b5df1c40331277cd02d26b5f90b8ba809c653c89159b5b94bc8b09cdac9daffeb9a0a8d9eb57783eb00c7e9c6