aef.asso.fr
Issued by Gandi RSA Domain Validation Secure Server CA 3
About this certificate
This digital certificate with serial number 94:0c:d5:39:be:91:b7:37:7d:cd:7f:04:ec:08:d0:1b was issued on by Gandi.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=aef.asso.fr
Gandi
Organization:
Gandi
Country:
FR
This certificate will expire on
Certificate Details
Serial Number (hex): 94:0c:d5:39:be:91:b7:37:7d:cd:7f:04:ec:08:d0:1bSerial Number (int): 196792375666699119566775369245194244123
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 2d:fe:5c:7b:5a:4d:60:b3:d7:dc:a4:84:bb:17:2c:aa:3d:dc:f9:80
AuthorityKeyId: 81:11:92:de:66:32:a5:b0:5b:33:3d:65:43:85:fc:d4:04:2d:f1:ae
Fingerprint (sha1): 4d:46:f8:10:74:e1:5d:9a:9d:ff:38:fb:46:9a:ff:2a:8d:44:96:eb
Fingerprint (sha256): e9:68:ab:42:b8:66:5c:f3:03:dc:84:f9:9f:a2:bb:67:2a:d9:f3:43:61:14:dc:d2:37:51:c7:e5:88:0e:41:34
Issuing Certificate URL: http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate aef.asso.fr
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aef.asso.fr
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aef.asso.fr
Other certificates including the domain name aef.asso.fr
(limited to 100 certificates)
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
www.aef.asso.fr
aef.asso.fr
www.aef.asso.fr
Certificate
The complete raw certificate details for aef.asso.fr in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFmjCCBAKgAwIBAgIRAJQM1Tm+kbc3fc1/BOwI0BswDQYJKoZIhvcNAQEMBQAw VjELMAkGA1UEBhMCRlIxDjAMBgNVBAoTBUdhbmRpMTcwNQYDVQQDEy5HYW5kaSBS U0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQSAzMB4XDTIzMTEw MTAwMDAwMFoXDTI0MTEzMDIzNTk1OVowFjEUMBIGA1UEAxMLYWVmLmFzc28uZnIw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASwXU5SaC/DB9dGixwRAIrURmnCcQlO EnXMLgK6TQ3lWdVtkd8IMbNVNAfQl6LB7qNwvqJppoSFKEbn5MCMo8d8o4IC7DCC AugwHwYDVR0jBBgwFoAUgRGS3mYypbBbMz1lQ4X81AQt8a4wHQYDVR0OBBYEFC3+ XHtaTWCz19ykhLsXLKo93PmAMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAA MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAEQjBAMDQGCysG AQQBsjEBAgIaMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BT MAgGBmeBDAECATCBgwYIKwYBBQUHAQEEdzB1ME4GCCsGAQUFBzAChkJodHRwOi8v Y3J0LnNlY3RpZ28uY29tL0dhbmRpUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNl cnZlckNBMy5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29t MBYGA1UdEQQPMA2CC2FlZi5hc3NvLmZyMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFq AWgAdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYuIMWCRAAAE AwBGMEQCIDhl85NJJMbe9KDnQQah5IOzKME3JjrmcWoyFmm7COywAiBW/bCR/rDj PqZ+ycYLBbSo2xPLjJ6hAujp0AdRXohSmQB2ANq2v2s/tbYin5vCu1xr6HCRcWy7 UYSFNL2kPTBI1/urAAABi4gxYT0AAAQDAEcwRQIhAPIyiy6QbdE3iRoyGmdaaeEB T6OroBH8FfEp8cxdQO1iAiArartSNwETFOUxzol/JhTAgTC6U0q3VvAPx/Z34KDd 8wB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi4gxYLsAAAQD AEgwRgIhAIHt3V42btHYKglVT8lhmp5lwLU2YNqxXM5hHsp7K70ZAiEA53XwgeQW wOk4vFLKXa4vUbIZjKyAXXiegPuJ/pdNllUwDQYJKoZIhvcNAQEMBQADggGBALPB uxjRFx4+4RvHsxAqlmRZheTNn8Zlf+HnZ49RkCl1le5CjV7SHu+gsfiUqwZMVRf6 JVl3CFHF+frV+EhP3DY6qDSyl948GKWXxqszf5R2ml8TwVFxhOY33fAHw/pz/gW6 lOBCxHtFQNHKYJNKaWITQe4mXvc+sMwcmq6u5y+HOqO9Thb6aS/OU4wljfNhIS5K a3bX+nbBjS41raEBa75HWWpM6CSrRsRr36Oo4jtGST4lfHimavHuwCAnyX4eUQb6 CZkpHwj6HxMb+NLdIOS2jdgebwMs8lizdeGl1v1P1/G+I1dfGYa7LU95fT8HRnif dC4lmGCuqM6KUJNwf+4fzfjr7prM1RpcXS8ZYGDjH4fUMJ5EEXrzMxcx7P/oX5SJ 582ryDhKhWMPDSMiGHZ7vfzFzh8BQQF6hFKmARhpGAgYr7/qVodhL2NrpZQlUzCO YC0SkYVnnUHIgMuHUxWmiCN8w745wH0qgMWK49eHjw7bchZqXCuYbWjqNC5wOg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsF1OUmgvwwfXRoscEQCK1EZpwnEJ ThJ1zC4Cuk0N5VnVbZHfCDGzVTQH0Jeiwe6jcL6iaaaEhShG5+TAjKPHfA== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 196792375666699119566775369245194244123 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi RSA Domain Validation Secure Server CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aef.asso.fr' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 0004b05d4e52682fc307d7468b1c11008ad44669c271094e1275cc2e02ba4d0de559d56d91df0831b3553407d097a2c1eea370bea269a684852846e7e4c08ca3c77c . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 811192de6632a5b05b333d654385fcd4042df1ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2dfe5c7b5a4d60b3d7dca484bb172caa3ddcf980 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aef.asso.fr' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 016800750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b88316091000004030046304402203865f3934924c6def4a0e74106a1e483b328c137263ae6716a321669bb08ecb0022056fdb091feb0e33ea67ec9c60b05b4a8db13cb8c9ea102e8e9d007515e885299007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b8831613d0000040300473045022100f2328b2e906dd137891a321a675a69e1014fa3aba011fc15f129f1cc5d40ed6202202b6abb5237011314e531ce897f2614c08130ba534ab756f00fc7f677e0a0ddf3007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b883160bb000004030048304602210081eddd5e366ed1d82a09554fc9619a9e65c0b53660dab15cce611eca7b2bbd19022100e775f081e416c0e938bc52ca5dae2f51b2198cac805d789e80fb89fe974d9655 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00b3c1bb18d1171e3ee11bc7b3102a96645985e4cd9fc6657fe1e7678f5190297595ee428d5ed21eefa0b1f894ab064c5517fa2559770851c5f9fad5f8484fdc363aa834b297de3c18a597c6ab337f94769a5f13c1517184e637ddf007c3fa73fe05ba94e042c47b4540d1ca60934a69621341ee265ef73eb0cc1c9aaeaee72f873aa3bd4e16fa692fce538c258df361212e4a6b76d7fa76c18d2e35ada1016bbe47596a4ce824ab46c46bdfa3a8e23b46493e257c78a66af1eec02027c97e1e5106fa0999291f08fa1f131bf8d2dd20e4b68dd81e6f032cf258b375e1a5d6fd4fd7f1be23575f1986bb2d4f797d3f0746789f742e259860aea8ce8a5093707fee1fcdf8ebee9accd51a5c5d2f196060e31f87d4309e44117af3331731ecffe85f9489e7cdabc8384a85630f0d232218767bbdfcc5ce1f0141017a8452a6011869180818afbfea5687612f636ba5942553308e602d129185679d41c880cb875315a688237cc3be39c07d2a80c58ae3d7878f0edb72166a5c2b986d68ea342e703a