ainan.fi
Issued by GTS CA 1P5
About this certificate
This digital certificate with serial number 3c:74:54:28:1c:cf:4d:db:13:d0:a2:8f:58:2d:3e:8e was issued on by Google Trust Services LLC.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ainan.fi
Google Trust Services LLC
Organization:
Google Trust Services LLC
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 3c:74:54:28:1c:cf:4d:db:13:d0:a2:8f:58:2d:3e:8eSerial Number (int): 80357693083134395273168919588827381390
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 09:4f:d6:27:be:20:23:1b:b3:a0:d9:89:48:f1:61:71:c3:f9:5e:a4
AuthorityKeyId: d5:fc:9e:0d:df:1e:ca:dd:08:97:97:6e:2b:c5:5f:c5:2b:f5:ec:b8
Fingerprint (sha1): 2e:25:55:58:56:7b:a1:82:d4:df:3b:38:52:a5:72:ca:1d:f9:22:90
Fingerprint (sha256): db:a3:da:32:d2:c7:e2:5c:1b:0f:f9:94:65:c0:2f:ff:a5:81:2a:27:bb:24:33:8e:a6:3a:56:26:e6:22:bf:af
Issuing Certificate URL: http://pki.goog/repo/certs/gts1p5.der
Revocation information
OCSP Server: http://ocsp.pki.goog/s/gts1p5/dUr30JE0WMwCRL Distribution Point: http://crls.pki.goog/gts1p5/Lizs3EThNgc.crl
Check the revocation status for certificate ainan.fi
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ainan.fi
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ainan.fi
*.ainan.fi
*.ainan.fi
Other certificates including the domain name ainan.fi
(limited to 100 certificates)
Certificate
The complete raw certificate details for ainan.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIQPHRUKBzPTdsT0KKPWC0+jjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFQNTAeFw0yNDAxMjcxMDA0MjNaFw0yNDA0MjYx MDA0MjJaMBMxETAPBgNVBAMTCGFpbmFuLmZpMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAitkkfKHesXo/scre/xrePGILA5YBX5Sup38kYpv+FTZaMBHC VxxDD2Xg/cw2D6bWzQJDs1fzc7ra+MM+kndb+qt1QtqzA6wW9hWLLqMa/yMDOo8o nSFmWR5fvdhMaEoIQNs/LutA8CvN6ot2/VeUuzPizGOiD8c02vChrbvlmtB1MsxW p+0ocUz0a2bPUv95MDgpkC60BsGKzp3KvU7GlzGJyh64g8gatPigzPbUR3GeNmeI RLhapS6ZnUO3394sI8uTKZvLX4wRDsnKlQtB6MbUjntRqAcBb1CpOfccDq79b0I6 9XBDy7RhSY620iU6RU3zIMBd5T8yXj4pUgMD1QIDAQABo4ICezCCAncwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFAlP1ie+ICMbs6DZiUjxYXHD+V6kMB8GA1UdIwQYMBaAFNX8ng3fHsrd CJeXbivFX8Ur9ey4MHgGCCsGAQUFBwEBBGwwajA1BggrBgEFBQcwAYYpaHR0cDov L29jc3AucGtpLmdvb2cvcy9ndHMxcDUvZFVyMzBKRTBXTXcwMQYIKwYBBQUHMAKG JWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFwNS5kZXIwHwYDVR0RBBgw FoIIYWluYW4uZmmCCiouYWluYW4uZmkwIQYDVR0gBBowGDAIBgZngQwBAgEwDAYK KwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29v Zy9ndHMxcDUvTGl6czNFVGhOZ2MuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGNSpeRFwAABAMA RzBFAiBP71rqKjcZiAXAeNkKGk7+CzCuZ/sTnnWLITin7L49hwIhAIO9S9Kth/Z5 mmLws/LRn9TnwqjwvpjjQy0uPLr7fOtzAHYA7s3QZNXbGs7FXLedtM0TojKHRny8 7N7DUUhZRnEftZsAAAGNSpeQ8wAABAMARzBFAiEAvroChyN2/B99ooBd52LwCP4q FmT6c0x+gdyrsJHHYDACIGQe/eoFu/j5tt8byCCdhcobLZGi2rHi41lvrOSYh0Bv MA0GCSqGSIb3DQEBCwUAA4IBAQAXL6MyCURuqAwSBdc90TQlHQ3KiCeyLBtnix4D bJ8Q63yhkUmWICJvG1gP9tuMuAZJNKjxmCzW0EO/I0eenTK07pJuYwJOOks3L9Lt 28vpd7HA1f+1ihcOlzAEfXVsPa3v9DVTFfR4+UcXfwz8PknVSXnG2VH0lk2K3hOk MWJtA/fSAc/oLV7sZFeKUyIJgG2ach/pSF1Xf5jaKpSEofZUEuiOkr1c4FmldClV 2LJO8dyoyLJ8W/srZEo96daVQXajazSCtbahgegn/U0UjkyGJI7jNcjWAg2/F4y7 KE3V7q7cZgng0bJpdGxiOAapWhn7A0HHHthppNvG/Z2mEamW -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitkkfKHesXo/scre/xre PGILA5YBX5Sup38kYpv+FTZaMBHCVxxDD2Xg/cw2D6bWzQJDs1fzc7ra+MM+kndb +qt1QtqzA6wW9hWLLqMa/yMDOo8onSFmWR5fvdhMaEoIQNs/LutA8CvN6ot2/VeU uzPizGOiD8c02vChrbvlmtB1MsxWp+0ocUz0a2bPUv95MDgpkC60BsGKzp3KvU7G lzGJyh64g8gatPigzPbUR3GeNmeIRLhapS6ZnUO3394sI8uTKZvLX4wRDsnKlQtB 6MbUjntRqAcBb1CpOfccDq79b0I69XBDy7RhSY620iU6RU3zIMBd5T8yXj4pUgMD 1QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 80357693083134395273168919588827381390 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1P5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-27 10:04:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 10:04:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ainan.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17527963056063970364764410856392182229358622466098362774485713888048011237565087325309511579852462561767011033954264977508628029807767375701573857172480388749994053044079289212559549831787617390095090423526904901296525034089948096724263804007137128471892542692094967533188233856754029686658918642842000797429861178411011430178288144429112587214441622208252453389661942963791094790630499413383342215387919972572046648316086032561940427647615248627228183524538803548466980387345087770418264529943731105699229470749910679114376858197557969219107505587205796294298771487733705224045020426631354641472709586516643288384469 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 094fd627be20231bb3a0d98948f16171c3f95ea4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d5fc9e0ddf1ecadd0897976e2bc55fc52bf5ecb8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1p5/dUr30JE0WMw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1p5.der' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ainan.fi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ainan.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1p5/Lizs3EThNgc.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d4a979117000004030047304502204fef5aea2a37198805c078d90a1a4efe0b30ae67fb139e758b2138a7ecbe3d8702210083bd4bd2ad87f6799a62f0b3f2d19fd4e7c2a8f0be98e3432d2e3cbafb7ceb73007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018d4a9790f30000040300473045022100beba02872376fc1f7da2805de762f008fe2a1664fa734c7e81dcabb091c760300220641efdea05bbf8f9b6df1bc8209d85ca1b2d91a2dab1e2e3596face49887406f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00172fa33209446ea80c1205d73dd134251d0dca8827b22c1b678b1e036c9f10eb7ca191499620226f1b580ff6db8cb8064934a8f1982cd6d043bf23479e9d32b4ee926e63024e3a4b372fd2eddbcbe977b1c0d5ffb58a170e9730047d756c3dadeff4355315f478f947177f0cfc3e49d54979c6d951f4964d8ade13a431626d03f7d201cfe82d5eec64578a532209806d9a721fe9485d577f98da2a9484a1f65412e88e92bd5ce059a5742955d8b24ef1dca8c8b27c5bfb2b644a3de9d6954176a36b3482b5b6a181e827fd4d148e4c86248ee335c8d6020dbf178cbb284dd5eeaedc6609e0d1b269746c623806a95a19fb0341c71ed869a4dbc6fd9da611a996