blog.schaeufele.org

Issued by StartCom Class 1 Primary Intermediate Server CA

About this certificate


This digital certificate with serial number 0d:9c:1e was issued on by StartCom Ltd. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • WARNING: Certificate contains unknown extension ([2.5.29.18])
  • ERROR: Certificate has key usage [KeyAgreement] set

blog.schaeufele.org

Country: DE

StartCom Ltd.

Organization: StartCom Ltd.
Organization unit: Secure Digital Certificate Signing
Country: DE

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:9c:1e
Serial Number (int): 891934
Serial Number lenght: 20 bits, 3 octets

SubjectKeyId: d8:86:aa:3d:64:d7:43:bf:78:44:57:f8:63:82:e3:87:14:40:71:e3
AuthorityKeyId: eb:42:34:d0:98:b0:ab:9f:f4:1b:6b:08:f7:cc:64:2e:ef:0e:2c:45

Fingerprint (sha1): e4:86:1a:81:5c:6b:d5:c8:20:1a:43:77:7d:f9:54:fb:47:f7:cb:93
Fingerprint (sha256): af:ab:68:99:52:54:18:3d:ae:32:6b:55:6b:15:03:42:44:95:35:70:09:40:70:99:6c:85:1b:59:ab:08:a1:d8

Issuing Certificate URL: http://aia.startssl.com/certs/sub.class1.server.ca.crt

Revocation information

OCSP Server: http://ocsp.startssl.com/sub/class1/server/ca
CRL Distribution Point: http://crl.startssl.com/crt1-crl.crl

Check the revocation status for the current certificate on blog.schaeufele.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

blog.schaeufele.org
schaeufele.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGZDCCBUygAwIBAgIDDZweMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTMxMjI3MTYyNzA0 WhcNMTQxMjI4MTEzODMxWjBwMRkwFwYDVQQNExBjOU52RjA2MzB3MVZldEdOMQsw CQYDVQQGEwJERTEcMBoGA1UEAxMTYmxvZy5zY2hhZXVmZWxlLm9yZzEoMCYGCSqG SIb3DQEJARYZcG9zdG1hc3RlckBzY2hhZXVmZWxlLm9yZzCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMDNAJ/CJo7ubXCBP9JjzZxjJpoouti0nI2jj2l4 WyF4i9ESWUd9lHC78XvPPqMi/uuyPfNPbQvZMa7gnbOJ+RlCy/BBFzFYva4DaeqI WoM5a8/xm2iBHz696l9JNN1oVuM3GdbnUBe7UlwVm6YQbT0kJOp8MCyKAnlNyqEs QS2R4ozWgaVCAwry72RlpWp+OAaGGwVJTJ5F3qr3WiqFxriz0mOO7o3TLHxjy68D nXSeYtOOI/DgPeCGB5nmokVuQcH/ciAfeorvyrn4M8tgM4eZz2/JC88qJPRa9+g1 yo3bFWi/aoJW9epBK/rsPy6NrJu6356MUQFQQDmJjsYUPe8CAwEAAaOCAugwggLk MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0G A1UdDgQWBBTYhqo9ZNdDv3hEV/hjguOHFEBx4zAfBgNVHSMEGDAWgBTrQjTQmLCr n/Qbawj3zGQu7w4sRTAuBgNVHREEJzAlghNibG9nLnNjaGFldWZlbGUub3Jngg5z Y2hhZXVmZWxlLm9yZzCCAVYGA1UdIASCAU0wggFJMAgGBmeBDAECATCCATsGCysG AQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5j b20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeowJxYgU3RhcnRDb20gQ2VydGlm aWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMgY2VydGlmaWNhdGUgd2FzIGlz c3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDEgVmFsaWRhdGlvbiByZXF1aXJl bWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeSwgcmVsaWFuY2Ugb25seSBm b3IgdGhlIGludGVuZGVkIHB1cnBvc2UgaW4gY29tcGxpYW5jZSBvZiB0aGUgcmVs eWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDov L2NybC5zdGFydHNzbC5jb20vY3J0MS1jcmwuY3JsMIGOBggrBgEFBQcBAQSBgTB/ MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFydHNzbC5jb20vc3ViL2NsYXNz MS9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly9haWEuc3RhcnRzc2wuY29t L2NlcnRzL3N1Yi5jbGFzczEuc2VydmVyLmNhLmNydDAjBgNVHRIEHDAahhhodHRw Oi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcNAQEFBQADggEBAET+U38qZ3lS GuglWhm+EdY8orECDKy+L6muGaCAwkgupF8EQW9jx5iAl30Bggz/al9ya4Gyrou6 Xnll9MO+TToSZGdrs71DwCVC0rvy4VrkAwmOt27HOYpyqinjWUSMWSMpf5tmGalN QApKqppHmq/EVniIuHVz8OekJnJoKvCpYDWaxA3M53uBuQB7QifK+A8gMIUVjF+Z AH9Z8fUVke9TpGrzZAJ1wJzmxOikVg6gqXWct+WaGyQjzPkYeOMl146gtYnZlA5s iOIzRdEm0M0crMxqMIrSL8Ez8JhLZf7DvlC770meKagkKm5Kjc04eWkRkaCE1Dt+ CjPqrnDgM6Q= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM0An8Imju5tcIE/0mPN nGMmmii62LScjaOPaXhbIXiL0RJZR32UcLvxe88+oyL+67I9809tC9kxruCds4n5 GULL8EEXMVi9rgNp6ohagzlrz/GbaIEfPr3qX0k03WhW4zcZ1udQF7tSXBWbphBt PSQk6nwwLIoCeU3KoSxBLZHijNaBpUIDCvLvZGWlan44BoYbBUlMnkXeqvdaKoXG uLPSY47ujdMsfGPLrwOddJ5i044j8OA94IYHmeaiRW5Bwf9yIB96iu/Kufgzy2Az h5nPb8kLzyok9Fr36DXKjdsVaL9qglb16kEr+uw/Lo2sm7rfnoxRAVBAOYmOxhQ9 7wIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded