candidrecords.com

Issued by GTS CA 1D4

About this certificate

This digital certificate with serial number 14:51:5d:2f:47:94:44:dd:09:ec:d0:67:3d:c4:8c:15 was issued on by Google Trust Services LLC.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=candidrecords.com

Google Trust Services LLC

Organization: Google Trust Services LLC
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 14:51:5d:2f:47:94:44:dd:09:ec:d0:67:3d:c4:8c:15
Serial Number (int): 27007025971209098188745321404891958293
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 53:0d:b5:0d:03:a5:66:b1:89:fb:32:5a:c2:18:c0:62:8e:e4:d5:4d
AuthorityKeyId: 25:e2:18:0e:b2:57:91:94:2a:e5:d4:5d:86:90:83:de:53:b3:b8:92

Fingerprint (sha1): fe:b0:88:95:22:cc:98:05:2d:5a:4f:5e:61:33:d6:bf:eb:20:36:30
Fingerprint (sha256): eb:35:22:5b:64:eb:06:7e:b3:f5:c6:b7:dd:f5:94:af:d6:98:13:de:d9:77:9d:5c:35:5b:2e:69:ce:e0:38:cb

Issuing Certificate URL: http://pki.goog/repo/certs/gts1d4.der

Revocation information

OCSP Server: http://ocsp.pki.goog/s/gts1d4/c_jSgrljH4g
CRL Distribution Point: http://crls.pki.goog/gts1d4/EM1tx45pidw.crl

Check the revocation status for certificate candidrecords.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for candidrecords.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

candidrecords.com

Other certificates including the domain name candidrecords.com

(limited to 100 certificates)
candidrecords.com
candidrecords.com
candidrecords.com
candidrecords.com
candidrecords.com
store.candidrecords.com
candidrecords.com
store.candidrecords.com
candidrecords.com
www.candidrecords.com
store.candidrecords.com
candidrecords.com
store.candidrecords.com
candidrecords.com
store.candidrecords.com
candidrecords.com
store.candidrecords.com
store.candidrecords.com
candidrecords.com
store.candidrecords.com
store.candidrecords.com
candidrecords.com
www.candidrecords.com
candidrecords.com

Certificate

The complete raw certificate details for candidrecords.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIQFFFdL0eURN0J7NBnPcSMFTANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
QzETMBEGA1UEAxMKR1RTIENBIDFENDAeFw0yNDA0MjAwNTIwMjJaFw0yNDA3MTkw
NjA4MzNaMBwxGjAYBgNVBAMTEWNhbmRpZHJlY29yZHMuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/ck/HNGndQrPnBws9SKHfXkAGZm+SocgQSv
SabE8Vy6p1LGNkEON1+GBz646tuyPJw20vqOq+uxmvUpSnkvG2nVtelk7v0P02q+
l8NQV6CbxLIB/+ycZIPGGP4tOWH/49gm/+ICgES+Y4ZDpKWUKkoTe7aJNioCAUfs
f4QFzK/Z5uvFbNZh6xTPje7nxLPzH5IEqbyUrhME426Yva97KL1zmFTeu4YL/WHV
APt3su1MjcXttv1i9Xikcj+jiOHFuel8UMS1jJC1eAisyJa4jc7Y46TwuREQXIqD
4Taerm1OIu8A//uErgwXpfxZK7lsENUfffFXJmfnA1mriuHvswIDAQABo4ICeDCC
AnQwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFFMNtQ0DpWaxifsyWsIYwGKO5NVNMB8GA1UdIwQYMBaA
FCXiGA6yV5GUKuXUXYaQg95Ts7iSMHgGCCsGAQUFBwEBBGwwajA1BggrBgEFBQcw
AYYpaHR0cDovL29jc3AucGtpLmdvb2cvcy9ndHMxZDQvY19qU2dybGpINGcwMQYI
KwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFkNC5kZXIw
HAYDVR0RBBUwE4IRY2FuZGlkcmVjb3Jkcy5jb20wIQYDVR0gBBowGDAIBgZngQwB
AgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5w
a2kuZ29vZy9ndHMxZDQvRU0xdHg0NXBpZHcuY3JsMIIBBAYKKwYBBAHWeQIEAgSB
9QSB8gDwAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGO+im+
VgAABAMARzBFAiAHRVoBktOlZfxW1jpTSAeEjSPBGyzWdaAD3wMy1TkEvgIhAMf0
39N5UO3q9ZzNGR03yXsOvBeEQ3DiOAwompYttv+LAHYAPxdLT9ciR1iUHWUchL4N
Eu2QN38fhWrrwb8ohez4ZG4AAAGO+im+NgAABAMARzBFAiEAtfOU4ydpcR7SV8bP
CKaiaGhDJGH6n492f54UVaXvFHoCIFz7vlLnhsB1Eo2cSCtLIQJNeW9mgsNHYSeu
5CQofoF6MA0GCSqGSIb3DQEBCwUAA4IBAQB/enR52DNayZCsOejt30mRyduB1Ki/
Qhq8i2s6xKOXWgM0GylZOHU/8XKFD77f3KnPRXnLU+EKCDfT2Jg0goM4T4PMxHZb
+8FE96iZNLwNn4axSfPtF4crJw60DVEDbEEcDRrKlcp7oM5djO/SFUSyInb0WHG+
STkjy7gaPIZkYq1PAOuev3+OXLpbHKWN/Ta9cF2lbgicFeMyPl8+UdRC7SO/myHB
09Qnr+c8C82plUB3dsppuXglJ5Y0TZkuZUAvxO65MCRvMK1UFn/zhAr5Drd727zV
HoK4WuMvMAWlxD/TXlFKMyQvlkDGBBmBiZoToSFsJ+hhxCjJWiYOmEWO
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/ck/HNGndQrPnBws9SK
HfXkAGZm+SocgQSvSabE8Vy6p1LGNkEON1+GBz646tuyPJw20vqOq+uxmvUpSnkv
G2nVtelk7v0P02q+l8NQV6CbxLIB/+ycZIPGGP4tOWH/49gm/+ICgES+Y4ZDpKWU
KkoTe7aJNioCAUfsf4QFzK/Z5uvFbNZh6xTPje7nxLPzH5IEqbyUrhME426Yva97
KL1zmFTeu4YL/WHVAPt3su1MjcXttv1i9Xikcj+jiOHFuel8UMS1jJC1eAisyJa4
jc7Y46TwuREQXIqD4Taerm1OIu8A//uErgwXpfxZK7lsENUfffFXJmfnA1mriuHv
swIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 27007025971209098188745321404891958293
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Google Trust Services LLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GTS CA 1D4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-20 05:20:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-19 06:08:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'candidrecords.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22718528072787918309321595366070886441096218880275931256964318427703242742966689986593146614934419236515684235260831521763844309881829934468151263068682704180992199789063542783096559042317787523763705671614276550244594485460992408273341476972966015993199323117761818907575299190078194559163987784895653499966624496839522082842714038111299749660161580939694363871654245287701999136360969741587453272804165057065822860904566743054973600777861337127388416074425681234648819334431936382516609674189462413541817352681863288624154865819985443325721064477450337255724442032172245132749253104105682104174671941798825621057459
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							530db50d03a566b189fb325ac218c0628ee4d54d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 25e2180eb25791942ae5d45d869083de53b3b892
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.goog/s/gts1d4/c_jSgrljH4g'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://pki.goog/repo/certs/gts1d4.der'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'candidrecords.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.5.3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.goog/gts1d4/EM1tx45pidw.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018efa29be560000040300473045022007455a0192d3a565fc56d63a534807848d23c11b2cd675a003df0332d53904be022100c7f4dfd37950edeaf59ccd191d37c97b0ebc17844370e2380c289a962db6ff8b0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018efa29be360000040300473045022100b5f394e32769711ed257c6cf08a6a26868432461fa9f8f767f9e1455a5ef147a02205cfbbe52e786c075128d9c482b4b21024d796f6682c3476127aee424287e817a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007f7a7479d8335ac990ac39e8eddf4991c9db81d4a8bf421abc8b6b3ac4a3975a03341b295938753ff172850fbedfdca9cf4579cb53e10a0837d3d898348283384f83ccc4765bfbc144f7a89934bc0d9f86b149f3ed17872b270eb40d51036c411c0d1aca95ca7ba0ce5d8cefd21544b22276f45871be493923cbb81a3c866462ad4f00eb9ebf7f8e5cba5b1ca58dfd36bd705da56e089c15e3323e5f3e51d442ed23bf9b21c1d3d427afe73c0bcda995407776ca69b978252796344d992e65402fc4eeb930246f30ad54167ff3840af90eb77bdbbcd51e82b85ae32f3005a5c43fd35e514a33242f9640c6041981899a13a1216c27e861c428c95a260e98458e