blog.boris-wach.de

Issued by StartCom Class 1 Primary Intermediate Server CA

About this certificate


This digital certificate with serial number 13:e3:ca was issued on by StartCom Ltd..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])
  • ERROR: Certificate has key usage [KeyAgreement] set

blog.boris-wach.de

Country: DE

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Country: DE

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 13:e3:ca
Serial Number (int): 1303498
Serial Number lenght: 21 bits, 3 octets

SubjectKeyId: fb:ed:32:0b:f7:ff:71:a8:1c:d8:06:84:f5:8c:4a:3d:ee:2d:a5:f6
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45

Fingerprint (sha1): 04:38:83:03:fe:c4:40:7c:ab:c7:e2:a2:9d:46:9b:8f:bc:f0:1e:03
Fingerprint (sha256): 50:08:da:68:21:eb:ff:6e:39:0e:7d:52:b9:e5:65:79:c9:77:38:26:24:13:b5:f4:de:c9:d9:97:9b:66:16:91

Issuing Certificate URL: http://aia.startssl.com/certs/sub.class1.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class1/server/ca
CRL Distribution Point: http://crl.startssl.com/crt1-crl.crl

Check the revocation status for the current certificate on blog.boris-wach.de
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

blog.boris-wach.de
boris-wach.de

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGYDCCBUigAwIBAgIDE+PKMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQxMDI3MDA1MTE1 WhcNMTUxMDI4MDM1NzUyWjBuMRkwFwYDVQQNExAxck1pN1B1NkR1RHgzMVM5MQsw CQYDVQQGEwJERTEbMBkGA1UEAxMSYmxvZy5ib3Jpcy13YWNoLmRlMScwJQYJKoZI hvcNAQkBFhhwb3N0bWFzdGVyQGJvcmlzLXdhY2guZGUwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDWWgo8ETdEUazSD4aG0mtr2vCQpRHg6EgN52FKJQjO Thfe5hK4l82FdBMIXRINKegJH7xUS6JQ7iTcLav6FOP6/02VXsTzIzop0CmArS+5 HUMMzEfTYuleLc/QIqwnJr6cDYkegTtRfTH3akjTcNQ5Awu0ahsyr8peib/EBPSh QnJKUbIeWyoxwYI6kXoDTFlYJqjvrYRiRJVLAyNurIvQ/6z/zzFFH9BUOoJwbtX9 iJi0p9JDPpbAGm9QQ+BmXiSAbPGpVSI3pSi39KEf5HDxzWf2/Ii0XTwU4IHks3Q8 hPXc1ptY8FuXOTPMpY4uyIE33vrnZSDiM9CB01c3J9HXAgMBAAGjggLmMIIC4jAJ BgNVHRMEAjAAMAsGA1UdDwQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNV HQ4EFgQU++0yC/f/cagc2AaE9YxKPe4tpfYwHwYDVR0jBBgwFoAU60I00Jiwq5/0 G2sI98xkLu8OLEUwLAYDVR0RBCUwI4ISYmxvZy5ib3Jpcy13YWNoLmRlgg1ib3Jp cy13YWNoLmRlMIIBVgYDVR0gBIIBTTCCAUkwCAYGZ4EMAQIBMIIBOwYLKwYBBAGB tTcBAgMwggEqMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9w b2xpY3kucGRmMIH3BggrBgEFBQcCAjCB6jAnFiBTdGFydENvbSBDZXJ0aWZpY2F0 aW9uIEF1dGhvcml0eTADAgEBGoG+VGhpcyBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVk IGFjY29yZGluZyB0byB0aGUgQ2xhc3MgMSBWYWxpZGF0aW9uIHJlcXVpcmVtZW50 cyBvZiB0aGUgU3RhcnRDb20gQ0EgcG9saWN5LCByZWxpYW5jZSBvbmx5IGZvciB0 aGUgaW50ZW5kZWQgcHVycG9zZSBpbiBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5n IHBhcnR5IG9ibGlnYXRpb25zLjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY3Js LnN0YXJ0c3NsLmNvbS9jcnQxLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYI KwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MxL3Nl cnZlci9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNzbC5jb20vY2Vy dHMvc3ViLmNsYXNzMS5zZXJ2ZXIuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAPInJ7lDhwUlfLkmj Z+GmrccyMmizWopx5mT3ogDt1b9MGwRcFhnTPel06H1dvnu8mE7UTq6gvUdvzs9R 9uiMNW1RhZ9kjAa0+wiwgJkIACpzLvWyCUt/l4+QqzAY6YTf1zKEtvNlQHEKzrjp G+MfKTMakUJshQKxASE5GcBhiaSq48C0LI/x5a2lKrUGztOBD/m+U/vVQqCIsRlC 0NKxcmdbHGiFaPYMPwuPnarnG1S82jovlbf+3V245Yo0BPkZWGyBrAPMf5Tx+6uz 9ce50nCdN0B5lOVpgHK7yVjSNUbEYXt/IHxX7iAkZL2uhNrlTgz9ZfEutoSZvDdN 7UsR8g== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1loKPBE3RFGs0g+GhtJr a9rwkKUR4OhIDedhSiUIzk4X3uYSuJfNhXQTCF0SDSnoCR+8VEuiUO4k3C2r+hTj +v9NlV7E8yM6KdApgK0vuR1DDMxH02LpXi3P0CKsJya+nA2JHoE7UX0x92pI03DU OQMLtGobMq/KXom/xAT0oUJySlGyHlsqMcGCOpF6A0xZWCao762EYkSVSwMjbqyL 0P+s/88xRR/QVDqCcG7V/YiYtKfSQz6WwBpvUEPgZl4kgGzxqVUiN6Uot/ShH+Rw 8c1n9vyItF08FOCB5LN0PIT13NabWPBblzkzzKWOLsiBN97652Ug4jPQgdNXNyfR 1wIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded